From b8add201e5854ac0abafd3abc1e7fc5f5593557e Mon Sep 17 00:00:00 2001
From: Ubuntu <ubuntu@ip-172-26-6-65.ap-northeast-2.compute.internal>
Date: Wed, 24 Sep 2025 02:37:07 +0000
Subject: [PATCH] Add Vulnerable Docker Env

---
 CVE-2024-9264/Dockerfile | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 CVE-2024-9264/Dockerfile

diff --git a/CVE-2024-9264/Dockerfile b/CVE-2024-9264/Dockerfile
new file mode 100644
index 0000000..b1d2edc
--- /dev/null
+++ b/CVE-2024-9264/Dockerfile
@@ -0,0 +1,17 @@
+FROM grafana/grafana:11.0.0-ubuntu
+
+USER root
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    ca-certificates curl unzip \
+ && rm -rf /var/lib/apt/lists/*
+
+RUN curl -L -o /tmp/duckdb.zip \
+      https://github.com/duckdb/duckdb/releases/download/v1.0.0/duckdb_cli-linux-amd64.zip \
+ && unzip /tmp/duckdb.zip -d /usr/local/bin \
+ && chmod +x /usr/local/bin/duckdb \
+ && rm -f /tmp/duckdb.zip
+
+EXPOSE 3000
+
+ENTRYPOINT ["/run.sh"]