A new critical vulnerability, Leaky Vessels, was publicly disclosed on 2024-01-31 and is making global headlines. The Snyk Security Labs team identified 4 critical/high severity vulnerabilities that allow a malicious attacker to break out of a container environment with a controlled Dockerfile under docker build and, in one case, docker run. These vulnerabilities have been assigned CVE-2024-21626, CVE-2024-23651, CVE-2024-23653, and CVE-2024-23652.

It can impact many containers at build and runtime, allowing attackers to escape from the container and access the underlying infrastructure and other workloads.

Join Snyk technical experts on February 6th at 11am ET as they provide an in-depth technical review of one of the Leaky Vessels vulnerabilities, what caused it, how it can be exploited, and, most importantly, how it can be mitigated through upgrades and monitoring.

We'll cover:

• The background and scope behind the Leaky Vessels vulnerability.
• How we discovered the vuln.
• How the vuln can be exploited with live examples.
• How to mitigate the risk in your environment.
• How you can stay up to date with the most critical vulnerabilities in your environment.