CVE-2025-0495

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

buildx 安全漏洞

buildx is a Docker CLI plugin open-sourced by Docker to extend build functionality through BuildKit. A security vulnerability exists in buildx that stems from the possibility that security values may be inadvertently captured in an OpenTelemetry trace when caching backend support credentials...

PT-2025-11542 · Docker +4 · Buildx +4

Name of the Vulnerable Software and Affected Versions: Buildx versions affected versions not specified Description: The issue concerns the Buildx Docker CLI plugin, which extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values ...

CVE-2025-22869 affecting package docker-buildx for versions less than 0.14.0-4

CVE-2025-22869 affecting package docker-buildx for versions less than 0.14.0-4. A patched version of the package is available...

AZL-57362 CVE-2025-22869 affecting package docker-buildx for versions less than 0.14.0-4

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

Azure Linux 3.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

Security update for docker

This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...

SUSE-SU-2025:20110-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...

CVE-2024-45338 affecting package docker-buildx for versions less than 0.14.0-3

CVE-2024-45338 affecting package docker-buildx for versions less than 0.14.0-3. A patched version of the package is available...

CVE-2024-45337 affecting package docker-buildx for versions less than 0.14.0-2

CVE-2024-45337 affecting package docker-buildx for versions less than 0.14.0-2. A patched version of the package is available...

SUSE SLES15 / openSUSE 15 : Recommended update for docker-stable (SUSE-SU-SUSE-RU-2024:4391-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-RU-2024:4391-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last...

SUSE-RU-2024:4391-1 Recommended update for docker-stable

This update for docker-stable fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Dock...

AZL-54404 CVE-2024-45338 affecting package docker-buildx for versions less than 0.14.0-3

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

CVE-2024-24786 affecting package moby-buildx for versions less than 0.7.1-24

CVE-2024-24786 affecting package moby-buildx for versions less than 0.7.1-24. A patched version of the package is available...

SUSE SLES15 / openSUSE 15 Security Update : docker (SUSE-SU-2024:4360-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4360-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: -...

Security update for docker

This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...

SUSE-SU-2024:4360-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...

SUSE SLES12 Security Update : docker (SUSE-SU-2024:4319-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4319-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file...

Security update for docker

This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...

SUSE-SU-2024:4319-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...