If you use Log4j please update your libraries to the latest non affected version. Recommended version is 2.17.0 . 0-day exploit in the popular Java logging library log4j was discovered that results in Remote Code Execution (RCE) by logging a certain string. https://www.lunasec.io/docs/blog/log4j-zero-day
As docker desktop for Mac/Win licensing is changing it is worth to consider open source alternatives. containerd & Lima might be the right combo for you. Source: https://medium.com/nttlabs/containerd-and-lima-39e0b64d2a59
An attacker can bypass the Management Interface Authentication and execute remote code. 9.8/10 rated CVE for Azure Linux VM users. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-38647
Comments
Post a Comment