Containers
Welcome back to the security lab! Today, we're dissecting CVE-2025-54867, a crafty vulnerability in the youki container runtime. It’s a classic tale of a trusted component being misled by a simple file system trick—a symbolic link—with potentially disastrous consequences. Grab your favorite beverage; we'
Containers
Executive Summary CVE-2025-0495 is a medium-severity vulnerability affecting Docker Buildx, a Docker CLI plugin that extends build capabilities using BuildKit. The vulnerability stems from the potential leakage of sensitive credentials, specifically authentication tokens for cache backends, into OpenTelemetry traces. When users configure cache backends by directly setting secrets as attribute
TOCTOU
Executive Summary CVE-2024-0132 is a critical Time-of-Check Time-of-Use (TOCTOU) vulnerability affecting the NVIDIA Container Toolkit versions 1.16.1 and earlier. This vulnerability arises when the toolkit is used with its default configuration, potentially allowing a malicious container image to gain unauthorized access to the host file system. Successful exploitation