{"vulnerability": "CVE-2024-2365", "sightings": [{"uuid": "9cc82519-32b9-41e2-b848-0cfe598a86d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m5gsex5bg227", "content": "", "creation_timestamp": "2025-11-12T13:53:17.708875Z"}, {"uuid": "1e87df31-2362-49fb-a3a3-3cadf03bfdc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://bsky.app/profile/kcqon.bsky.social/post/3lh3fiujjtc2h", "content": "", "creation_timestamp": "2025-02-01T01:49:14.344243Z"}, {"uuid": "7d016f04-ef57-431c-8521-085120c88a35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m5gsex5bg227", "content": "", "creation_timestamp": "2025-11-12T13:53:17.798820Z"}, {"uuid": "a518582d-84af-448e-b274-add3b9e894e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "ffbddc8c-bc61-42e0-9be3-21644ead7dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "7294dc27-7882-4db6-b453-37bb8af6fda8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "25d2f5c4-5e64-4707-904e-e104070af48c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "7bad5d5d-53ca-4c66-8987-65ad2c3367d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "81c7cab3-f736-4c6e-8423-1e4f3c7fa906", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "352ae72e-d37c-43aa-9198-b50238757d44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "c80c46d1-61e3-4bf2-aa1b-85c38d4c5875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "3ca1abaf-b447-4184-aa29-394c836209d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "ea6ce407-1600-4060-920d-5ba73400c7c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "afb55f42-e46e-44bc-b0f7-d4f149f50c18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "b69620ef-8d29-411c-ac6a-e34504c92e46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "4cdef704-a745-45f7-9334-cc8407f89d66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_06/2024", "content": "", "creation_timestamp": "2024-02-02T10:26:42.000000Z"}, {"uuid": "6fca8ef0-594e-43eb-a7af-6229321ea3ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_06/2024", "content": "", "creation_timestamp": "2024-02-02T10:26:42.000000Z"}, {"uuid": "138726d3-858f-4d9a-9c86-3c5ab3fa1b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_06/2024", "content": "", "creation_timestamp": "2024-02-02T10:26:42.000000Z"}, {"uuid": "c279de51-a699-47c9-b2cf-503ea7271b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://t.me/kasperskyb2b/1123", "content": "\ud83c\udf81\ud83d\udde3 \u0421\u043b\u043e\u0436\u043d\u0430\u044f \u043d\u0435\u0434\u0435\u043b\u044f \u043d\u0430\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f \u0443 \u0434\u0435\u0432\u043e\u043f\u0441-\u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043e\u0432 \u0438 \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b. \u0427\u0435\u0442\u044b\u0440\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 runc \u0438 BuildKit, \u043a\u043e\u043b\u043b\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 Leaky Vessels, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u041e\u0421 \u0445\u043e\u0441\u0442\u0430. \u0425\u043e\u0442\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u043d\u0435\u043b\u0435\u0433\u0430\u043b\u044c\u043d\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b \u0438 \u043f\u0440\u043e\u0447\u0438\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043b\u044e\u0434\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0441\u043a\u043e\u0440\u043e\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\nCVE-2024-23652 (CVSS 10) \u0432 BuildKit \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u0444\u0440\u043e\u043d\u0442\u0435\u043d\u0434\u0443 \u0438\u043b\u0438 dockerfile \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438 \u043f\u0430\u043f\u043a\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0432 \u0445\u043e\u0441\u0442-\u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 0.12.5.\nCVE-2024-21626 (CVSS 8.6) \u0432 runc \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u0442\u0435\u0447\u043a\u043e\u0439 \u0434\u0435\u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0440\u0430 \u0444\u0430\u0439\u043b\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u043e\u0431\u0440\u0430\u0437\u0443 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0441 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043f\u0430\u043f\u043a\u043e\u0439 \u0432 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435 \u0445\u043e\u0441\u0442-\u041e\u0421. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 runc 1.1.12\nCVE-2024-23653 (CVSS 9.8) \u0432 BuildKit  \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0430 CVE-2024-23651 (CVSS 8.7) \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0433\u043e\u043d\u043a\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0445\u043e\u0441\u0442\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0430 runc \u0438 Buildkit \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Kubernetes \u0438 Docker, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0430\u0436\u043d\u043e \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0432\u0430\u0448\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u044d\u0442\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 (\u0443\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c AWS, Docker, Google \u0438 \u0434\u0440\u0443\u0433\u0438\u0435, \u043d\u0435 \u0433\u043e\u0432\u043e\u0440\u044f \u0443\u0436\u0435 \u043f\u0440\u043e runc \u0438 containerd) \u0438 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0431\u043e\u0440\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0432 \u043f\u0430\u0439\u043f\u043b\u0430\u0439\u043d\u0435 CI/CD, \u0434\u0435\u043c\u043e\u043d\u044b Docker \u0438 \u043e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b.  \n\n\u041d\u0443 \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u044d\u0442\u043e \u0435\u0449\u0451 \u0440\u0430\u0437 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0441\u0442\u0430\u043b\u0430 \u043e\u0441\u0442\u0440\u043e\u0439 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0430 \u043d\u0435 \u0431\u043b\u0430\u0436\u044c\u044e \u0418\u0411-\u0448\u043d\u0438\u043a\u043e\u0432.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-02-02T10:20:07.000000Z"}, {"uuid": "bb2e3b4f-940a-414b-ba38-4fbe6e15e0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://t.me/kasperskyb2b/1123", "content": "\ud83c\udf81\ud83d\udde3 \u0421\u043b\u043e\u0436\u043d\u0430\u044f \u043d\u0435\u0434\u0435\u043b\u044f \u043d\u0430\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f \u0443 \u0434\u0435\u0432\u043e\u043f\u0441-\u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043e\u0432 \u0438 \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b. \u0427\u0435\u0442\u044b\u0440\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 runc \u0438 BuildKit, \u043a\u043e\u043b\u043b\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 Leaky Vessels, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u041e\u0421 \u0445\u043e\u0441\u0442\u0430. \u0425\u043e\u0442\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u043d\u0435\u043b\u0435\u0433\u0430\u043b\u044c\u043d\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b \u0438 \u043f\u0440\u043e\u0447\u0438\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043b\u044e\u0434\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0441\u043a\u043e\u0440\u043e\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\nCVE-2024-23652 (CVSS 10) \u0432 BuildKit \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u0444\u0440\u043e\u043d\u0442\u0435\u043d\u0434\u0443 \u0438\u043b\u0438 dockerfile \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438 \u043f\u0430\u043f\u043a\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0432 \u0445\u043e\u0441\u0442-\u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 0.12.5.\nCVE-2024-21626 (CVSS 8.6) \u0432 runc \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u0442\u0435\u0447\u043a\u043e\u0439 \u0434\u0435\u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0440\u0430 \u0444\u0430\u0439\u043b\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u043e\u0431\u0440\u0430\u0437\u0443 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0441 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043f\u0430\u043f\u043a\u043e\u0439 \u0432 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435 \u0445\u043e\u0441\u0442-\u041e\u0421. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 runc 1.1.12\nCVE-2024-23653 (CVSS 9.8) \u0432 BuildKit  \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0430 CVE-2024-23651 (CVSS 8.7) \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0433\u043e\u043d\u043a\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0445\u043e\u0441\u0442\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0430 runc \u0438 Buildkit \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Kubernetes \u0438 Docker, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0430\u0436\u043d\u043e \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0432\u0430\u0448\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u044d\u0442\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 (\u0443\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c AWS, Docker, Google \u0438 \u0434\u0440\u0443\u0433\u0438\u0435, \u043d\u0435 \u0433\u043e\u0432\u043e\u0440\u044f \u0443\u0436\u0435 \u043f\u0440\u043e runc \u0438 containerd) \u0438 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0431\u043e\u0440\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0432 \u043f\u0430\u0439\u043f\u043b\u0430\u0439\u043d\u0435 CI/CD, \u0434\u0435\u043c\u043e\u043d\u044b Docker \u0438 \u043e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b.  \n\n\u041d\u0443 \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u044d\u0442\u043e \u0435\u0449\u0451 \u0440\u0430\u0437 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0441\u0442\u0430\u043b\u0430 \u043e\u0441\u0442\u0440\u043e\u0439 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0430 \u043d\u0435 \u0431\u043b\u0430\u0436\u044c\u044e \u0418\u0411-\u0448\u043d\u0438\u043a\u043e\u0432.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-02-02T10:20:07.000000Z"}, {"uuid": "ed6fd375-e7d7-46c2-ae1d-5002dd531b15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://t.me/kasperskyb2b/1123", "content": "\ud83c\udf81\ud83d\udde3 \u0421\u043b\u043e\u0436\u043d\u0430\u044f \u043d\u0435\u0434\u0435\u043b\u044f \u043d\u0430\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f \u0443 \u0434\u0435\u0432\u043e\u043f\u0441-\u0438\u043d\u0436\u0435\u043d\u0435\u0440\u043e\u0432 \u0438 \u0432\u0441\u0435\u0445, \u043a\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b. \u0427\u0435\u0442\u044b\u0440\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 runc \u0438 BuildKit, \u043a\u043e\u043b\u043b\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 Leaky Vessels, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043f\u043e\u0431\u0435\u0433 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u041e\u0421 \u0445\u043e\u0441\u0442\u0430. \u0425\u043e\u0442\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0438\u0441\u044c, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u043d\u0435\u043b\u0435\u0433\u0430\u043b\u044c\u043d\u044b\u0435 \u043a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0435\u0440\u044b \u0438 \u043f\u0440\u043e\u0447\u0438\u0435 \u043d\u0435\u043f\u0440\u0438\u044f\u0442\u043d\u044b\u0435 \u043b\u044e\u0434\u0438 \u043d\u0430\u0447\u043d\u0443\u0442 \u0438\u043c\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0441\u043a\u043e\u0440\u043e\u043c \u0431\u0443\u0434\u0443\u0449\u0435\u043c.\n\nCVE-2024-23652 (CVSS 10) \u0432 BuildKit \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u0444\u0440\u043e\u043d\u0442\u0435\u043d\u0434\u0443 \u0438\u043b\u0438 dockerfile \u0443\u0434\u0430\u043b\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438 \u043f\u0430\u043f\u043a\u0438 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0432 \u0445\u043e\u0441\u0442-\u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 0.12.5.\nCVE-2024-21626 (CVSS 8.6) \u0432 runc \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u0442\u0435\u0447\u043a\u043e\u0439 \u0434\u0435\u0441\u043a\u0440\u0438\u043f\u0442\u043e\u0440\u0430 \u0444\u0430\u0439\u043b\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c\u0443 \u043e\u0431\u0440\u0430\u0437\u0443 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0441 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043f\u0430\u043f\u043a\u043e\u0439 \u0432 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0435 \u0445\u043e\u0441\u0442-\u041e\u0421. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 runc 1.1.12\nCVE-2024-23653 (CVSS 9.8) \u0432 BuildKit  \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0430 CVE-2024-23651 (CVSS 8.7) \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0433\u043e\u043d\u043a\u0435, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0445\u043e\u0441\u0442\u0430.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0430 runc \u0438 Buildkit \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Kubernetes \u0438 Docker, \u0432\u0435\u0441\u044c\u043c\u0430 \u0432\u0430\u0436\u043d\u043e \u0438\u0437\u0443\u0447\u0438\u0442\u044c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0438 \u0432\u0430\u0448\u0435\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0430 \u044d\u0442\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 (\u0443\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438\u0441\u044c AWS, Docker, Google \u0438 \u0434\u0440\u0443\u0433\u0438\u0435, \u043d\u0435 \u0433\u043e\u0432\u043e\u0440\u044f \u0443\u0436\u0435 \u043f\u0440\u043e runc \u0438 containerd) \u0438 \u0441\u0432\u043e\u0435\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0441\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0431\u043e\u0440\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0432 \u043f\u0430\u0439\u043f\u043b\u0430\u0439\u043d\u0435 CI/CD, \u0434\u0435\u043c\u043e\u043d\u044b Docker \u0438 \u043e\u0440\u043a\u0435\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b.  \n\n\u041d\u0443 \u0438 \u043a\u043e\u043d\u0435\u0447\u043d\u043e, \u044d\u0442\u043e \u0435\u0449\u0451 \u0440\u0430\u0437 \u043d\u0430\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442, \u0447\u0442\u043e \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0430\u044f \u0437\u0430\u0449\u0438\u0442\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0441\u0442\u0430\u043b\u0430 \u043e\u0441\u0442\u0440\u043e\u0439 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0430 \u043d\u0435 \u0431\u043b\u0430\u0436\u044c\u044e \u0418\u0411-\u0448\u043d\u0438\u043a\u043e\u0432.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2024-02-02T10:20:07.000000Z"}, {"uuid": "f0f95f45-f7fd-48ab-8910-f6c974bbb904", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23654", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12907", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23654\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: discourse-ai is the AI plugin for the open-source discussion platform Discourse. Prior to commit 94ba0dadc2cf38e8f81c3936974c167219878edd, interactions with different AI services are vulnerable to admin-initiated SSRF attacks. Versions of the plugin that include commit 94ba0dadc2cf38e8f81c3936974c167219878edd contain a patch. As a workaround, one may disable the discourse-ai plugin.\n\n\ud83d\udccf Published: 2024-02-21T20:28:12.939Z\n\ud83d\udccf Modified: 2025-04-22T16:23:20.217Z\n\ud83d\udd17 References:\n1. https://github.com/discourse/discourse-ai/security/advisories/GHSA-32cj-rm2q-22cc\n2. https://github.com/discourse/discourse-ai/commit/94ba0dadc2cf38e8f81c3936974c167219878edd", "creation_timestamp": "2025-04-22T17:03:32.000000Z"}, {"uuid": "a8699490-52a5-4170-944e-88f4156234f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "Telegram/_g77oYQgQgNWeGzTKzEzBqvOnDry1Bvbe5EDmpRTUMlzAQ", "content": "", "creation_timestamp": "2024-01-31T22:35:37.000000Z"}, {"uuid": "ae3d587e-5875-417a-8249-11d8008d8267", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23657", "type": "seen", "source": "https://t.me/cvedetector/2497", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-23657 - \"Nuxt Devtools Path Traversal and Origin Check Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-23657 \nPublished : Aug. 5, 2024, 9:15 p.m. | 40\u00a0minutes ago \nDescription : Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Nuxt Devtools is missing authentication on the `getTextAssetContent` RPC function which is vulnerable to path traversal.  Combined with a lack of Origin checks on the WebSocket handler,  an attacker is able to interact with a locally running devtools instance and exfiltrate data abusing this vulnerability. In certain configurations an attacker could leak the devtools authentication token and then abuse other RPC functions to achieve RCE. The `getTextAssetContent` function does not check for path traversals, this could allow an attacker to read arbitrary files over the RPC WebSocket. The WebSocket server does not check the origin of the request leading to cross-site-websocket-hijacking. This may be intentional to allow certain configurations to work correctly. Nuxt Devtools authentication tokens are placed within the home directory of the current user. The malicious webpage can connect to the Devtools WebSocket, perform a directory traversal brute force to find the authentication token, then use the *authenticated* `writeStaticAssets` function to create a new Component, Nitro Handler or `app.vue` file which will run automatically as the file is changed. This vulnerability has been addressed in release version 1.3.9. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-05T23:56:55.000000Z"}, {"uuid": "45792851-069f-4fd5-9d88-67a412db7547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23654", "type": "seen", "source": "Telegram/9WnAjz6vqxtSU82TNxMZUDQtqH2PRuzhzcY3M7_9JcQiZqBG", "content": "", "creation_timestamp": "2025-02-06T02:44:20.000000Z"}, {"uuid": "1e5df235-4fc8-4483-95a9-b6ba8e4d8487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "Telegram/_g77oYQgQgNWeGzTKzEzBqvOnDry1Bvbe5EDmpRTUMlzAQ", "content": "", "creation_timestamp": "2024-01-31T22:35:37.000000Z"}, {"uuid": "ad744959-f78b-47f8-a65b-0f78cfc0177b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "Telegram/_g77oYQgQgNWeGzTKzEzBqvOnDry1Bvbe5EDmpRTUMlzAQ", "content": "", "creation_timestamp": "2024-01-31T22:35:37.000000Z"}, {"uuid": "ee619068-7731-4bcd-8f2d-edd3c696a71c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://t.me/ctinow/191158", "content": "https://ift.tt/NQgDnmS\nCVE-2024-23651 | moby buildkit up to 0.12.4 race condition (GHSA-m3r6-h7wv-7xxv)", "creation_timestamp": "2024-02-22T20:51:39.000000Z"}, {"uuid": "74f7c643-916d-4b8b-a8db-ab8696b09750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://t.me/true_secator/5364", "content": "Snyk\u00a0Leaky Vessels \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 runC, \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 CLI \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0432 Linux, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 2015 \u0433\u043e\u0434\u0443\u00a0\u0431\u044b\u043b \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u00a0\u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a: CVE-2024-21626\u00a0(CVSS: 8,6), CVE-2024-23651\u00a0(CVSS: 8,7), CVE-2024-23652\u00a0(CVSS: 10,0), CVE-2024-23653\u00a0(CVSS: 9,8) \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 runC 1.1.12.\n\n\u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u041e\u0421 \u0445\u043e\u0441\u0442\u0430 \u0438\u0437\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c (\u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0438 \u0442.\u0434.), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0421\u0430\u043c\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u2014 CVE-2024-21626, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u0445\u043e\u0434\u0443 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u043c\u0443 \u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 WORKDIR. \u0420\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430 \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 Dockerfile \u0438\u043b\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430.\n\n\u041d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0431\u043e\u0440\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, Snyk \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043e\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0432\u043e\u0438 \u0441\u0440\u0435\u0434\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Docker \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u043e\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0433\u043e \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0441\u0431\u043e\u0440\u043a\u0438 \u0438\u043b\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0438\u0437 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430.\n\nAWS \u0438 Google Cloud \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u043c\u0435\u0440\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-02-01T17:55:34.000000Z"}, {"uuid": "07a910d8-1845-46b2-875a-d3558c8c6524", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://t.me/true_secator/5364", "content": "Snyk\u00a0Leaky Vessels \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 runC, \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 CLI \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0432 Linux, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 2015 \u0433\u043e\u0434\u0443\u00a0\u0431\u044b\u043b \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u00a0\u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a: CVE-2024-21626\u00a0(CVSS: 8,6), CVE-2024-23651\u00a0(CVSS: 8,7), CVE-2024-23652\u00a0(CVSS: 10,0), CVE-2024-23653\u00a0(CVSS: 9,8) \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 runC 1.1.12.\n\n\u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u041e\u0421 \u0445\u043e\u0441\u0442\u0430 \u0438\u0437\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c (\u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0438 \u0442.\u0434.), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0421\u0430\u043c\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u2014 CVE-2024-21626, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u0445\u043e\u0434\u0443 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u043c\u0443 \u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 WORKDIR. \u0420\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430 \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 Dockerfile \u0438\u043b\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430.\n\n\u041d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0431\u043e\u0440\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, Snyk \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043e\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0432\u043e\u0438 \u0441\u0440\u0435\u0434\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Docker \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u043e\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0433\u043e \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0441\u0431\u043e\u0440\u043a\u0438 \u0438\u043b\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0438\u0437 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430.\n\nAWS \u0438 Google Cloud \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u043c\u0435\u0440\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-02-01T17:55:34.000000Z"}, {"uuid": "b76ece92-a0f0-4aca-95f7-55e36979acd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://t.me/ctinow/204396", "content": "https://ift.tt/B1pVeTL\nCVE-2024-2365", "creation_timestamp": "2024-03-11T01:27:09.000000Z"}, {"uuid": "eb731237-07cb-4eb5-a7d0-435331000604", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2365", "type": "seen", "source": "https://t.me/ctinow/204394", "content": "https://ift.tt/B1pVeTL\nCVE-2024-2365", "creation_timestamp": "2024-03-11T01:27:07.000000Z"}, {"uuid": "8136532c-54aa-4cc2-bc9f-8635572cf50f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://t.me/ctinow/191157", "content": "https://ift.tt/0e7ap9T\nCVE-2024-23652 | moby buildkit up to 0.12.4 path traversal (GHSA-4v98-7qmw-rqr8)", "creation_timestamp": "2024-02-22T20:51:39.000000Z"}, {"uuid": "e4a4c546-bb93-4026-98b8-cbcf9bfae0b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://t.me/KomunitiSiber/1424", "content": "RunC Flaws Enable Container Escapes, Granting Attackers Host Access\nhttps://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html\n\nMultiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks.\nThe vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed\u00a0Leaky Vessels\u00a0by cybersecurity vendor Snyk.\n\"These container", "creation_timestamp": "2024-01-31T23:07:57.000000Z"}, {"uuid": "b75546c7-93cd-4de5-85c8-7062d201e543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://t.me/KomunitiSiber/1424", "content": "RunC Flaws Enable Container Escapes, Granting Attackers Host Access\nhttps://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html\n\nMultiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks.\nThe vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed\u00a0Leaky Vessels\u00a0by cybersecurity vendor Snyk.\n\"These container", "creation_timestamp": "2024-01-31T23:07:57.000000Z"}, {"uuid": "b357fc38-33c7-40a5-8cd7-5d1d60894c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://t.me/KomunitiSiber/1424", "content": "RunC Flaws Enable Container Escapes, Granting Attackers Host Access\nhttps://thehackernews.com/2024/02/runc-flaws-enable-container-escapes.html\n\nMultiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks.\nThe vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653, have been collectively dubbed\u00a0Leaky Vessels\u00a0by cybersecurity vendor Snyk.\n\"These container", "creation_timestamp": "2024-01-31T23:07:57.000000Z"}, {"uuid": "d62e93b0-3a7e-4ec2-b21f-5f5352ad1e37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://t.me/true_secator/5364", "content": "Snyk\u00a0Leaky Vessels \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442 \u043e\u0431 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0438 \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 runC, \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0435 CLI \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432 \u0432 Linux, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 2015 \u0433\u043e\u0434\u0443\u00a0\u0431\u044b\u043b \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u00a0\u0432 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u0443\u044e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0443 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041e\u0441\u043d\u043e\u0432\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u043a\u0430\u043a: CVE-2024-21626\u00a0(CVSS: 8,6), CVE-2024-23651\u00a0(CVSS: 8,7), CVE-2024-23652\u00a0(CVSS: 10,0), CVE-2024-23653\u00a0(CVSS: 9,8) \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0432\u044b\u0445\u043e\u0434\u0430 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430. \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 runC 1.1.12.\n\n\u042d\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0431\u0430\u0437\u043e\u0432\u043e\u0439 \u041e\u0421 \u0445\u043e\u0441\u0442\u0430 \u0438\u0437\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0438 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c (\u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435, \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043a\u043b\u0438\u0435\u043d\u0442\u0435 \u0438 \u0442.\u0434.), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043f\u043e\u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u043f\u0440\u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0421\u0430\u043c\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u2014 CVE-2024-21626, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u044b\u0445\u043e\u0434\u0443 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u043c\u0443 \u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043e\u0439 WORKDIR. \u0420\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430 \u0438\u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u043e\u0431\u0440\u0430\u0437\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 Dockerfile \u0438\u043b\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430.\n\n\u041d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f\u0448\u043d\u0438\u0439 \u0434\u0435\u043d\u044c \u043d\u0435\u0442 \u043d\u0438\u043a\u0430\u043a\u0438\u0445 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435. \n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u043d\u0438\u0437\u043a\u043e\u0443\u0440\u043e\u0432\u043d\u0435\u0432\u044b\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u043e\u0433\u043e \u0434\u0432\u0438\u0436\u043a\u0430 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0441\u0431\u043e\u0440\u043a\u0438 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432, Snyk \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0437\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043e\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u0441\u0432\u043e\u0438 \u0441\u0440\u0435\u0434\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043e\u0432.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Docker \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u043a\u043e\u043d\u0442\u0435\u043d\u0442\u043e\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0435\u0433\u043e \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0441\u0431\u043e\u0440\u043a\u0438 \u0438\u043b\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440 \u0438\u0437 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u043e\u0431\u0440\u0430\u0437\u0430.\n\nAWS \u0438 Google Cloud \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u0441\u043e\u0431\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043e\u043f\u043e\u0432\u0435\u0449\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0437\u044b\u0432\u0430\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u043c\u0435\u0440\u0435 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-02-01T17:55:34.000000Z"}, {"uuid": "15d0a210-3313-44b0-97af-dae3b12ee082", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23654", "type": "seen", "source": "https://t.me/ctinow/206587", "content": "https://ift.tt/sCEiuJq\nCVE-2024-23654 | discourse-ai on Discourse server-side request forgery", "creation_timestamp": "2024-03-13T11:41:12.000000Z"}, {"uuid": "81de5c93-a7eb-473c-b2b6-68199fb7f4c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23655", "type": "seen", "source": "https://t.me/ctinow/187335", "content": "https://ift.tt/s1N2UAJ\nCVE-2024-23655 | tutao tutanota prior 3.119.10 Email denial of service (GHSA-5h47-g927-629g)", "creation_timestamp": "2024-02-18T18:46:58.000000Z"}, {"uuid": "edcfe771-28d3-4694-b45e-be66732a155e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23654", "type": "seen", "source": "https://t.me/ctinow/190154", "content": "https://ift.tt/saOQvL3\nCVE-2024-23654", "creation_timestamp": "2024-02-21T22:26:44.000000Z"}, {"uuid": "a4a9eb72-13e1-470d-93df-f0262b76c28f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23654", "type": "seen", "source": "https://t.me/ctinow/190143", "content": "https://ift.tt/saOQvL3\nCVE-2024-23654", "creation_timestamp": "2024-02-21T22:21:47.000000Z"}, {"uuid": "9ef72b1b-38a8-4068-89b2-e158c6aebc68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23655", "type": "seen", "source": "https://t.me/ctinow/177281", "content": "https://ift.tt/124rFPZ\nCVE-2024-23655 Exploit", "creation_timestamp": "2024-02-01T03:16:28.000000Z"}, {"uuid": "3270acaa-0a13-4636-a43c-d57670334b0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23659", "type": "seen", "source": "https://t.me/ctinow/183293", "content": "https://ift.tt/pnfiI21\nCVE-2024-23659 | SPIP up to 4.1.13/4.2.7 File Upload javascript/bigup.js name cross site scripting", "creation_timestamp": "2024-02-12T17:46:09.000000Z"}, {"uuid": "37d6aee4-27df-4373-bb2e-d6612304fa17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23656", "type": "seen", "source": "https://t.me/ctinow/177280", "content": "https://ift.tt/czduT67\nCVE-2024-23656 Exploit", "creation_timestamp": "2024-02-01T03:16:27.000000Z"}, {"uuid": "da1fcc95-4116-4399-ac12-67918f84034c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://t.me/ctinow/177176", "content": "https://ift.tt/NMRdFh1\nCVE-2024-23653", "creation_timestamp": "2024-01-31T23:26:23.000000Z"}, {"uuid": "bb74acbb-5240-49e1-aaa7-6970e8c7f816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://t.me/ctinow/177175", "content": "https://ift.tt/rnfikmJ\nCVE-2024-23652", "creation_timestamp": "2024-01-31T23:26:22.000000Z"}, {"uuid": "a54a4bab-8942-4d05-8b83-496b99cf9009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://t.me/ctinow/177174", "content": "https://ift.tt/AUpc7rd\nCVE-2024-23651", "creation_timestamp": "2024-01-31T23:26:21.000000Z"}, {"uuid": "8662dbb9-ae5b-48b3-96de-f091c2461fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23650", "type": "seen", "source": "https://t.me/ctinow/177173", "content": "https://ift.tt/bIK1fk9\nCVE-2024-23650", "creation_timestamp": "2024-01-31T23:26:20.000000Z"}, {"uuid": "c7690e61-136a-4775-9147-7eb4356d6b64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23659", "type": "seen", "source": "https://t.me/ctinow/170063", "content": "https://ift.tt/M1rEvKu\nCVE-2024-23659", "creation_timestamp": "2024-01-19T06:21:35.000000Z"}, {"uuid": "002233e3-2cd3-4cc8-be55-aa93343b3953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23650", "type": "seen", "source": "https://t.me/ctinow/177671", "content": "https://ift.tt/2aFdsU6\nCVE-2024-23650", "creation_timestamp": "2024-02-01T17:01:29.000000Z"}, {"uuid": "2847f966-4af1-4fbd-83e2-e9e1633217f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23652", "type": "seen", "source": "https://t.me/ctinow/177629", "content": "https://ift.tt/fLMRi25\nCVE-2024-23652", "creation_timestamp": "2024-02-01T15:46:44.000000Z"}, {"uuid": "607d1a78-a215-44eb-b797-9be2f36ab838", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23651", "type": "seen", "source": "https://t.me/ctinow/177622", "content": "https://ift.tt/xQnk1jL\nCVE-2024-23651", "creation_timestamp": "2024-02-01T15:41:22.000000Z"}, {"uuid": "67c77864-20e5-4f40-89ee-1609838f3d5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23653", "type": "seen", "source": "https://t.me/ctinow/177621", "content": "https://ift.tt/CEazJ4i\nCVE-2024-23653", "creation_timestamp": "2024-02-01T15:41:21.000000Z"}, {"uuid": "ef63a741-a4b5-4762-b7e9-8f87d575d7a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23656", "type": "seen", "source": "https://t.me/ctinow/173803", "content": "https://ift.tt/5jBV01L\nCVE-2024-23656", "creation_timestamp": "2024-01-25T21:26:45.000000Z"}, {"uuid": "fc1fc02a-1b22-4f31-8794-20c584dc03a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23655", "type": "seen", "source": "https://t.me/ctinow/173802", "content": "https://ift.tt/IVsSer7\nCVE-2024-23655", "creation_timestamp": "2024-01-25T21:26:44.000000Z"}]}