AI Assistant Executes Hidden Commands Embedded in Docker Image Labels. A vulnerability in Docker’s Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform’s image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker’s AI execution chain.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/docker-ai-bug-lets-image-metadata-trigger-attacks-a-30709
