{“lastseen”:”2025-12-19T14:21:00″,”description”:”Pillar Security has identified a critical indirect prompt injection vulnerability in Docker\u2019s \u2018Ask Gordon\u2019 assistant. By poisoning metadata on Docker Hub, attackers could bypass security to exfiltrate private build logs and chat history. Discover how the \\”lethal trifecta\\” enabled this attack and why updating to Docker Desktop 4.50.0 is essential for developer security.”,”published”:”2025-12-19T12:46:37″,”modified”:”2025-12-19T12:46:37″,”type”:”hackread”,”title”:”Docker Fixes \u2018Ask Gordon\u2019 AI Flaw That Enabled Metadata-Based Attacks”,”source”:””,”references”:””,”id”:”HACKREAD:7CF444CBEFE46CDB591B09C30C99DB51″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/hackread.com\/docker-ask-gordon-ai-flaw-metadata-attacks\/”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-12-19T14:21:00″,”description”:”Pillar Security has identified a critical indirect prompt injection vulnerability in Docker\u2019s \u2018Ask Gordon\u2019 assistant. By poisoning metadata on Docker Hub, attackers could bypass security…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,66,13,33,7,11,5],"class_list":["post-32249","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-hackread","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n