40 matches found
CVE-2026-39834 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-39834 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-39835 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-39835 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-39827 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-39827 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-39821 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-39821 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-46597 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-46597 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-39829 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-39829 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-39830 affecting package moby-engine for versions less than 25.0.3-18
CVE-2026-39830 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...
CVE-2026-39882 affecting package moby-engine for versions less than 25.0.3-17
CVE-2026-39882 affecting package moby-engine for versions less than 25.0.3-17. A patched version of the package is available...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: docker (UTSA-2026-017329)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017329 advisory. moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in...
Oracle Linux 10 / 9 : java-25-openjdk (ELSA-2026-9693)
The remote Oracle Linux 10 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9693 advisory. 1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 -...
java-25-openjdk security update
1:25.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:25.0.3.0.9-1 - Update to jdk-25.0.3+9 GA - Update release notes to 25.0.3+9 - Update FIPS patch to 57722aab802 version synced with 25.0.3+8 - Drop local libpng patches now JDK-8372534, JDK-8375063 & JDK-8377526 are included upstrea...
CVE-2025-58183 affecting package moby-engine for versions less than 25.0.3-14
CVE-2025-58183 affecting package moby-engine for versions less than 25.0.3-14. A patched version of the package is available...
CVE-2025-66433
HTCondor Access Point (HTCondor) before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. The earliest affected version is 24.7.3. Fixes are available in 24.12.14, 25.0.3, and 25.3.1. Affected platforms and versions are corroborated by ...
CVE-2025-66433
HTCondor Access Point before 25.3.1 allows an authenticated user to impersonate other users on the local machine by submitting a batch job. This is fixed in 24.12.14, 25.0.3, and 25.3.1. The earliest affected version is 24.7.3...
AZL-69302 CVE-2025-58183 affecting package moby-engine for versions less than 25.0.3-14
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a...
CVE-2025-30204 affecting package moby-engine for versions less than 25.0.3-12
CVE-2025-30204 affecting package moby-engine for versions less than 25.0.3-12. A patched version of the package is available...
AZL-57363 CVE-2025-22868 affecting package moby-engine for versions less than 25.0.3-11
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...
OESA-2024-2555 docker security update
Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: moby v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or...
AZL-54357 CVE-2024-45337 affecting package moby-engine for versions less than 25.0.3-9
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
OESA-2024-2526 docker security update
Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLay...