Noma Security today revealed it has discovered a critical security flaw in the AI assistant made available by Docker, Inc.

Container Journal is a leading source of news, analysis, and insights on containerization, Kubernetes, and cloud-native technologies. From container orchestration strategies to microservices architecture best practices, Container Journal covers the latest trends and innovations in the container ecosystem. Developers, DevOps professionals, and IT leaders can stay informed and up-to-date on container technologies, deployment strategies, and industry developments through Container Journal's  coverage.

Container Journal

Noma Security discovered a critical vulnerability called DockerDash in Docker's Ask Gordon AI assistant that allows attackers to compromise environments through malicious metadata labels in Docker images. The flaw exploits a three-stage attack using indirect prompt injection, where the AI assistant reads malicious instructions embedded in Docker LABEL metadata and executes them without human validation through the Model Context Protocol Gateway. A related data exfiltration vulnerability enables attackers to steal sensitive internal data even with read-only permissions. The core issue stems from the AI's inability to distinguish between informational metadata and executable instructions, highlighting broader security risks in AI coding tools being adopted without proper governance controls.

Noma Security Identifies Security Flaw in Docker AI Assistant