Skip to content
  • Home

Cybernoz – Cybersecurity News

Search

GitLab – GitLab-Runner on Windows `DOCKER_AUTH_CONFIG` container host Command Injection

 Cybernoz  May 8, 2024  Posted in Mix

GitLab - GitLab-Runner on Windows `DOCKER_AUTH_CONFIG` container host Command Injection

HackerOne bug report to GitLab: GitLab-Runner, when running on Windows with a docker executor, is vulnerable to Command Injection via the DOCKER_AUTH_CONFIG build variable. Injected commands are executed on the container host, not within a Docker container, as such could compromise all future builds which are executed by the runner.



Source link

Post navigation

LockBit gang claimed responsibility for the attack on City of Wichita →
← IntelBroker Hacker Claims Breach of Top Cybersecurity Firm, Selling Access

Latest Posts

  • Malicious Chrome Extension Steals MEXC API Keys by Masquerading as Trading Tool
  • ‘Dual-channel’ attacks are the new face of BEC in 2026
  • Healthcare breaches double as shadow AI, vendor risks proliferate
  • Betterment confirms data breach after wave of crypto scam emails
  • FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code

Copyright © 2026 Cybernoz - Cybersecurity News

Design by ThemesDNA.com