72 matches found
CVE-2025-31973 HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'
HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...
CVE-2025-31973
Technical details for CVE-2025-31973 are not publicly available in the provided documents. Monitor for updates.
PT-2026-42144
HCL BigFix Service Management SM is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images may introduce known vulnerabilities, potentially increasing the risk of exploitation in the application environment...
PT-2026-42219
NVIDIA DGX OS contains a vulnerability in the factory provisioning process, where the cloning of a base image causes identical SSH host keys to be deployed across multiple systems. The sharing of cryptographic identifiers across all similarly provisioned systems enables host impersonation or...
Security Bulletin: NVIDIA DGX Spark - May 2026
NVIDIA has released a software update for NVIDIA® DGX Spark. To protect your system, download and install the latest version of NVIDIA DGX OS from the NVIDIA DGX site. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this security update...
GHSA-78F9-R8MH-4XM2 BentoML Dockerfile command injection via docker.base_image (sister of pending GHSA-w2pm-x38x-jp44 / CVE-2026-33744 / CVE-2026-35043)
The same Dockerfile template that mishandles envs.name pending GHSA-w2pm-x38x-jp44 also interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious bento.yaml with a multi-line docker.baseimage value smuggles arbitrary Dockerfile directives into the generated...
BentoML Dockerfile command injection via docker.base_image (sister of pending GHSA-w2pm-x38x-jp44 / CVE-2026-33744 / CVE-2026-35043)
The same Dockerfile template that mishandles envs.name pending GHSA-w2pm-x38x-jp44 also interpolates docker.baseimage raw with no escaping, newline filtering, or validation. A malicious bento.yaml with a multi-line docker.baseimage value smuggles arbitrary Dockerfile directives into the generated...
Command Injection
Overview bentoml is a BentoML: Build Production-Grade AI Applications Affected versions of this package are vulnerable to Command Injection via the docker.baseimage configuration parameter. An attacker can execute arbitrary commands on the host system by supplying a malicious multi-line value in...
Important: Red Hat Security Advisory: Red Hat Ceph Storage
A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...
PT-2026-39663
Name of the Vulnerable Software and Affected Versions BentoML versions prior to 1.4.39 Description BentoML is a Python library used for building online serving systems optimized for AI applications and model inference. The issue occurs because the template src/bentoml/...
Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates
Summary IBM App Connect Enterprise Certified Container ACEcc is built on the Red Hat Universal Base Images. ACEcc operator versions 12.0.23 LTS and 13.1.0 contain fixes to the listed CVEs found in the base images. This bulletin provides patch information to address the reported vulnerabilities...
Moderate: Red Hat Security Advisory: New container image: rhceph-9.0
A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 9.0. This release updates to the latest version...
Important: Red Hat Security Advisory: Red Hat Ceph Storage
A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...
HCL AION 安全漏洞
HCL AION is an AI lifecycle management platform from HCL India. HCL AION suffers from a security bypass vulnerability that is caused by a container base image not being properly authenticated. An attacker can exploit the vulnerability to cause the use of an untrusted container image...
Security Bulletin: Security vulnerabilities found in the Red Hat Universal Minimal Base Image shipped with CICS Transaction Gateway for Multiplatforms
Summary Security vulnerabilities found in the Red Hat Universal Base Image Minimal shipped with CICS Transaction Gateway for Multiplatforms. This fix resolves these vulnerability CVE-2025-9230, CVE-2025-9086, CVE-2025-9230. Vulnerability Details CVEID:CVE-2025-11083 DESCRIPTION: A vulnerability h...
List of Security Fixes and Improvements in Veeam Kasten for Kubernetes
Purpose This article describes all security-related fixes and improvements introduced in each release or update of Veeam Kasten for Kubernetes. This article aims to provide our customers' security and compliance teams with detailed information on security improvements. Full product release notes...
Important: Red Hat Security Advisory: Red Hat build of OpenTelemetry 3.9.0 release
Red Hat build of OpenTelemetry 3.9.0 has been released This release of the Red Hat build of OpenTelemetry provides new features, security improvements, and bug fixes. Breaking changes: The deprecated OpenCensus Receiver, which provided backward compatibility with the OpenCensus project for easier...
Important: Red Hat Security Advisory: Red Hat Ceph Storage
A new version of Red Hat build of Ceph Storage has been released The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1. This release updates to the latest version...
Important: Red Hat Security Advisory: Red Hat Update Infrastructure 5 security update
The latest release of Red Hat Update Infrastructure. For more details, see the product documentation. Red Hat Update Infrastructure RHUI container images are based on the latest RHUI RPM packages and the ubi9 or ubi9-init base images. This release updates to the latest version...
GHSA-X9P2-77V6-6VHF FrankenPHP has delayed propagation of security fixes in upstream base images
Delayed propagation of security fixes in upstream base images Summary Vulnerability in base Docker images PHP, Go, and Alpine not automatically propagating to FrankenPHP images. FrankenPHP's container images were previously built only when specific version tags were updated or when manual trigger...