PT-2026-4859 · Dozzle · Dozzle

K14Uz · Published 2026-01-27 · Updated 2026-02-19 · CVE-2026-24740

CVSS v3.1: 9.9 Critical
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

Dozzle versions prior to 9.0.3

Description

A flaw in Dozzle's agent-backed shell endpoints allows a user restricted by label filters to obtain an interactive root shell in out-of-scope containers on the same agent host by directly targeting their container IDs.

When SIMPLE auth is enabled, Dozzle supports per-user label filters in users.yaml to restrict which containers a user can interact with. These filters are not correctly enforced when resolving a container by ID for agent-backed hosts, allowing a user to bypass the intended label-based isolation between environments. Specifically, the FindContainer function ignores label scope, while the ListContainers function correctly applies the filters. The userLabels variable is used in the filtering process.

An authenticated user with shell access can establish an interactive exec session into a container they should not have access to by calling the /api/hosts/{hostId}/containers/{containerId}/exec (or /attach) endpoint with a valid JWT and the target container ID. This allows a user who should be constrained to a specific label set to gain full interactive access to containers with other labels on the same agent host, provided they can obtain the target container ID.

Recommendations

Update to version 9.0.3 or later.
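
The authorization pattern described above, as an added example that is not Dozzle's code: a lookup by container ID that never consults the label filter, next to one that enforces the same scope a filtered listing would. The types, the function names (findUnscoped, findScoped, inScope), the labels and the container IDs are assumptions made for illustration.

```go
package main

import "fmt"

type Container struct {
	ID     string
	Labels map[string]string
}

// Constructed sample data, simplified model: two environments on one agent host.
var inventory = []Container{
	{ID: "aaa111", Labels: map[string]string{"env": "dev"}},
	{ID: "bbb222", Labels: map[string]string{"env": "prod"}},
}
var devLabels = map[string]string{"env": "dev"}

// inScope reports whether c carries every key=value pair in userLabels.
func inScope(c Container, userLabels map[string]string) bool {
	for k, v := range userLabels {
		if got, ok := c.Labels[k]; !ok || got != v {
			return false
		}
	}
	return true
}

// findUnscoped models the flaw: resolution by ID never consults userLabels.
func findUnscoped(all []Container, id string) (Container, bool) {
	for _, c := range all {
		if c.ID == id {
			return c, true
		}
	}
	return Container{}, false
}

// findScoped applies the filter after lookup; out-of-scope IDs look absent.
func findScoped(all []Container, id string, userLabels map[string]string) (Container, bool) {
	c, ok := findUnscoped(all, id)
	if !ok || !inScope(c, userLabels) {
		return Container{}, false
	}
	return c, true
}

func main() {
	_, ok := findScoped(inventory, "bbb222", devLabels)
	fmt.Println("dev user resolves prod container bbb222:", ok)
}
```

Reporting an out-of-scope ID as absent, rather than as forbidden, keeps the response from confirming that the container exists.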

Exploit · Fix · Incorrect Authorization · IDOR · Improper Access Control

Weakness Enumeration

Related Identifiers

CVE-2026-24740
GHSA-M855-R557-5RC5
GO-2026-4380
SUSE-SU-2026:0403-1

Affected Products

Dozzle