Skip to main content

Snyk Security Labs Research

Featured
Open Source Security

Call for action: Exploring vulnerabilities in Github Actions

In this blog post, we will provide an overview of GitHub Actions, examine various vulnerable scenarios with real-world examples, offer clear guidance on securely using error-prone features, and introduce an open source tool designed to scan configuration files and flag potential issues.

Read now

Editor's Picks

Vulnerability Insights

Leaky Vessels: Docker and runc container breakout vulnerabilities (January 2024)

Application Security

Gitpod remote code execution 0-day vulnerability via WebSockets

Showing 1 - 12 of 20 posts

feature-snyk-platform-learn-getting-snyk-setup

Container Security

Abusing Ubuntu 24.04 features for root privilege escalation

September 9, 2024

feature-snyk-platform-learn-getting-snyk-setup

AI

Agent hijacking: The true impact of prompt injection attacks

August 28, 2024

feature-snyk-platform-learn-using-snyk-with-CI-CD

Security Labs

Vulnerabilities in NodeJS C/C++ add-on extensions

August 14, 2024

blog-feature-open-source-security

Code Security

Repo Jacking: The Great Source-code Swindle

July 25, 2024

wordpress-sync/blog-feature-toolkit

Application Security

Breaking caches and bypassing Istio RBAC with HTTP response header injection

June 20, 2024

feature-getting-snyk-setup

Open Source Security

Call for action: Exploring vulnerabilities in Github Actions

June 6, 2024

feature-leaky-vessels-deep-dive

Container Security

Leaky Vessels deep dive: Escaping from Docker one syscall at a time

February 6, 2024

feature-leaky-vessels-2024-21626

Container Security

Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)

January 31, 2024

feature-leaky-vessels-2024-23651

Container Security

Buildkit mount cache race: Build-time race condition container breakout (CVE-2024-23651)

January 31, 2024

feature-leaky-vessels-2024-23652

Container Security

Buildkit build-time container teardown arbitrary delete (CVE-2024-23652)

January 31, 2024

feature-leaky-vessels-2024-23653

Container Security

Buildkit GRPC SecurityMode privilege check: Build-time container breakout (CVE-2024-23653)

January 31, 2024

feature-insights-context

Application Security

SocketSleuth: Improving security testing for WebSocket applications

September 6, 2023

12

Found a vulnerability? We can help you report it.

Using our form, you can disclose vulnerabilities you’ve found or vulnerabilities that are missing from the Snyk Vulnerability Database. We’ll help you verify the vulnerability,  contact the maintainer, and assign a CVE for the issue.

Before submitting a report, please review our disclosure policy, which can be found here.

Report a new vuln