Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins – [email protected] (The Hacker News)

– [[{“value”:”Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances.
Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity.
“An attacker could exploit a bypass using an API request with Content-Length set”}]]  – Read More  – The Hacker News