Docker Security

Alpine Linux Docker Image Vulnerability CVE-2019-5021

Attackers can login to root with no password on affected systems On May 8, 2019, a potentially serious vulnerability was announced affecting the Docker Alpine Linux container image. The vulnerability allows an attacker to authenticate as the root user with no password if using Linux PAM or other authentication means. Potentially thousands of downloads of… Read more »

Docker Security

Major Docker Security Hole Discovered

By Fei Huang A new docker vulnerability affecting container security,  CVE-2019-5736 was just announced, with some calling it a ‘Doomsday Docker Security Hole.’ This is just 2 months after the critical Kubernetes vulnerability was reported allowing attackers to take control of the api server. From one of the runc maintainers Aleksa Sarai: Aleksa stated that… Read more »

Container Security

The Implications of Kubernetes Vulnerability CVE-2018-1002105

By Fei Huang Kubernetes critical vulnerability CVE-2018-1002105 was reported this week and the implication is a big warning to the fast-growing, massive DevOps world. The wide adoption of Kubernetes and Docker workloads is no doubt indicative of a disruptive next generation platform technology. But of course, like the dark side of the moon, every big shiny thing… Read more »

Container Security

Critical Kubernetes & OpenShift Vulnerability Exposes API Server

The First Major Vulnerability Discovered in Kubernetes, And It’s A Big One The big news today on the eve of the start of DockerCon EMEA has not been conference related announcements but rather the disclosure of a critical security hole in Kubernetes, and by inheritance, Red Hat OpenShift. This vulnerability, CVE-2018-1002105, is so critical with… Read more »

Container Security

How to Automatically Scan Images Using OpenShift Image Streams

By Selvam Thangaraj The powerful capabilities enabled by OpenShift Image Streams is a welcome addition to the Red Hat OpenShift container platform. As more enterprises begin moving container workloads into production, the requirement to automate both the application management as well as the security tasks in their CI/CD pipeline becomes more critical. OpenShift Image Streams… Read more »