Security researchers from Imperva have found thousands of Docker hosts exposed to a new vulnerability and exposed remote Docker API. The new research describes the threat along with sample scripts and what can be done about it.
Cisco released security updates for high and moderate severity vulnerabilities in multiple Cisco products, to include HyperFlex and Prime infrastructure. The company also issued an updated advisory for the open container runc vulnerability and latest products impacted.
A serious vulnerability in runc open-source container management has been discovered and patched. runc is used by most of the underlying container engines and runtime, such as Docker, cri-o, containerd, and Kubernetes.