Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access
A flaw in Dozzle’s agent-backed shell endpoints allows a user restricted by label filters (for example, label=env=dev) to obtain an interactive root shell in out‑of‑scope containers (for example, env=prod) on the same agent host by directly targeting their container IDs. Note: Tested on v9.0.2 likely affects all versions with agent mode support.