Dokku
Monthly
Container-to-host command execution in Dokku's cron plugin (versions prior to 0.38.7) lets an actor who can control an application's app.json schedule break out of the Docker container and run arbitrary commands on the host as the privileged Dokku user. Because the cron command was interpolated into a shell-evaluated line, special characters such as ';' or '>' were interpreted on the host rather than confined to the container, yielding a scope-changing escape (CVSS 9.9). No public exploit has been identified at time of analysis, but the root cause and fix are fully documented in the vendor advisory and patch.
Arbitrary file write in Dokku before 0.38.2 lets an attacker with deploy-level access escalate to full shell access on the host. The git:from-archive and certs:add commands extract attacker-supplied tar/zip archives without sanitizing member paths, and because GNU tar creates and then follows symlinks during extraction, a crafted archive can plant files anywhere the dokku user can write - most damagingly ~/.ssh/authorized_keys. There is no public exploit identified at time of analysis and CISA SSVC records exploitation as none, but the technical impact is rated total.
OS command execution on the Dokku host is possible through the openresty-vhosts plugin in versions prior to 0.38.2, where custom OpenResty include filenames from an app's git repository are interpolated unescaped into a single-quoted shell string that is later run through eval. An attacker who can deploy a Dokku app with the openresty proxy enabled can plant a file whose name contains a single quote to break the quoting and inject a command substitution, executing arbitrary commands as the dokku user on the next deploy. There is no public exploit identified at time of analysis and it is not in CISA KEV, though the upstream advisory and a security regression test document the mechanism precisely.
Insufficiently protected credential storage in Dokku prior to 0.38.2 exposes git authentication secrets stored in $DOKKU_ROOT/.netrc to any local user who can traverse the Dokku home directory. The git:auth command pre-creates the .netrc file using bash's touch, which applies the process umask (0644) before the netrc binary runs - defeating the netrc binary's own 0600 enforcement because the file already exists at write time. No public exploit code exists and the vulnerability is not in CISA KEV, but the confidentiality impact is rated High given that plaintext git credentials (hostnames, usernames, passwords) are directly readable without any special tooling.
OS command injection in Dokku (the Docker-powered self-hosted PaaS) prior to version 0.38.2 allows an authenticated user with git push access to execute arbitrary shell commands as the privileged dokku user. The flaw stems from a permissive app-name validation regex that accepts shell metacharacters, which are then interpolated unquoted into a generated bash pre-receive hook; a semicolon in the app name terminates the intended command and runs attacker-supplied commands on git push. There is no public exploit identified at time of analysis, but the fix is confirmed in 0.38.2 and the underlying mechanics are fully documented in the GitHub advisory and PR #8590.
Container-to-host command execution in Dokku's cron plugin (versions prior to 0.38.7) lets an actor who can control an application's app.json schedule break out of the Docker container and run arbitrary commands on the host as the privileged Dokku user. Because the cron command was interpolated into a shell-evaluated line, special characters such as ';' or '>' were interpreted on the host rather than confined to the container, yielding a scope-changing escape (CVSS 9.9). No public exploit has been identified at time of analysis, but the root cause and fix are fully documented in the vendor advisory and patch.
Arbitrary file write in Dokku before 0.38.2 lets an attacker with deploy-level access escalate to full shell access on the host. The git:from-archive and certs:add commands extract attacker-supplied tar/zip archives without sanitizing member paths, and because GNU tar creates and then follows symlinks during extraction, a crafted archive can plant files anywhere the dokku user can write - most damagingly ~/.ssh/authorized_keys. There is no public exploit identified at time of analysis and CISA SSVC records exploitation as none, but the technical impact is rated total.
OS command execution on the Dokku host is possible through the openresty-vhosts plugin in versions prior to 0.38.2, where custom OpenResty include filenames from an app's git repository are interpolated unescaped into a single-quoted shell string that is later run through eval. An attacker who can deploy a Dokku app with the openresty proxy enabled can plant a file whose name contains a single quote to break the quoting and inject a command substitution, executing arbitrary commands as the dokku user on the next deploy. There is no public exploit identified at time of analysis and it is not in CISA KEV, though the upstream advisory and a security regression test document the mechanism precisely.
Insufficiently protected credential storage in Dokku prior to 0.38.2 exposes git authentication secrets stored in $DOKKU_ROOT/.netrc to any local user who can traverse the Dokku home directory. The git:auth command pre-creates the .netrc file using bash's touch, which applies the process umask (0644) before the netrc binary runs - defeating the netrc binary's own 0600 enforcement because the file already exists at write time. No public exploit code exists and the vulnerability is not in CISA KEV, but the confidentiality impact is rated High given that plaintext git credentials (hostnames, usernames, passwords) are directly readable without any special tooling.
OS command injection in Dokku (the Docker-powered self-hosted PaaS) prior to version 0.38.2 allows an authenticated user with git push access to execute arbitrary shell commands as the privileged dokku user. The flaw stems from a permissive app-name validation regex that accepts shell metacharacters, which are then interpolated unquoted into a generated bash pre-receive hook; a semicolon in the app name terminates the intended command and runs attacker-supplied commands on git push. There is no public exploit identified at time of analysis, but the fix is confirmed in 0.38.2 and the underlying mechanics are fully documented in the GitHub advisory and PR #8590.