Lucene search
K

31 matches found

OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.9 views

openSUSE Security Advisory (SUSE-SU-2024:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.02983EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2025/02/18 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2025:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS7AI score0.16496EPSS
Exploits0References5
OSV
OSV
added 2025/02/03 9:18 a.m.3 views

SUSE-SU-2025:20107-1 Security update for buildkit

This update for buildkit fixes the following issues: - Update to version 0.12.5: update runc to v1.1.12 exec: add extra validation for submount sources fixes CVE-2024-23651, bsc1219267 oci: fix error handling on submount calls executor: recheck mount stub path within root after container run fixe...

10CVSS6.7AI score0.02983EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2024/12/13 12:0 a.m.5 views

docker-stable-24.0.9_ce-4.1 on GA media (moderate)

docker-stable-24.0.9ce-4.1 on GA media Announcement ID: openSUSE-SU-2024:14571-1 Rating: moderate Cross-References: CVE-2024-23653 CVSS scores: CVE-2024-23653 SUSE : 7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can n...

7CVSS9.2AI score0.02983EPSS
Exploits0
Broadcom
Broadcom
added 2024/11/02 12:0 a.m.10 views

Container vulnerabilities in Brocade SANnav docker containers (CVE-2024-23653 & CVE-2024-21626)

Brocade Security is aware of multiple vulnerabilities affecting Brocade SANnav docker container CVE-2024-23653 & CVE-2024-21626. CVE-2024-23653: Interactive containers API does not validate entitlements check. Description: Buildkit GRPC Security Mode privilege check: Build-time container breakout...

9.8CVSS7.5AI score0.18087EPSS
Exploits18
OpenVAS
OpenVAS
added 2024/09/06 12:0 a.m.18 views

openSUSE Security Advisory (SUSE-SU-2024:3120-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.16496EPSS
Exploits0References15
OpenVAS
OpenVAS
added 2024/09/04 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2024:3120-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.4AI score0.16496EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2024/09/04 12:0 a.m.45 views

SUSE SLES15: buildah / docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2024:3120-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3120-1 advisory. Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 -...

10CVSS7.2AI score0.16496EPSS
Exploits0References27
OSV
OSV
added 2024/09/03 3:13 p.m.19 views

SUSE-SU-2024:3120-1 Security update for buildah, docker

This update for buildah, docker fixes the following issues: Changes in docker: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 - CVE-2024-23652: Fixed insufficient validation of parent directory on mount bsc1219268 - CVE-2024-23653: Fixed insufficient...

10CVSS8.4AI score0.16496EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2024/08/29 12:0 a.m.38 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-045)

The version of docker installed on the remote host is prior to 25.0.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2024-045 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body ...

10CVSS7AI score0.02983EPSS
Exploits0References12
OpenVAS
OpenVAS
added 2024/08/08 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2024:2801-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.3AI score0.16496EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.27 views

GLSA-202407-25 : Buildah: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-25 Buildah: Multiple Vulnerabilities Please review the referenced CVE identifiers for details. Tenable has extracted the preceding description block directly from the Gentoo Linux security advisory. Note that Nessus has not...

10CVSS7.4AI score0.02983EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.29 views

CBL Mariner 2.0 Security Update: docker-compose / moby-engine / docker-buildx / moby-cli (CVE-2024-23653)

The version of docker-compose / moby-engine / docker-buildx / moby-cli installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23653 advisory. - BuildKit is a toolkit for converting source code to build...

9.8CVSS6.9AI score0.02983EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/05/17 9:38 p.m.17 views

CVE-2024-23653 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2024-23653 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS6.6AI score0.02983EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/05/17 9:38 p.m.47 views

CVE-2024-23653 affecting package docker-compose for versions less than 2.27.0-1

CVE-2024-23653 affecting package docker-compose for versions less than 2.27.0-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS6.6AI score0.02983EPSS
Exploits0
OSV
OSV
added 2024/04/29 3:59 p.m.9 views

SUSE-SU-2024:1469-1 Security update for docker

This update for docker fixes the following issues: - CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts bsc1219267 - CVE-2024-23652: Fixed insufficient validation of parent directory on mount bsc1219268 - CVE-2024-23653: Fixed insufficient validation on entitlement on...

10CVSS7.2AI score0.02983EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/04/08 12:0 a.m.28 views

SUSE SLES15 Security Update : docker (SUSE-SU-2024:0586-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0586-2 advisory. Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on...

10CVSS7.2AI score0.02983EPSS
Exploits0References10
CBLMariner
CBLMariner
added 2024/03/19 5:21 p.m.26 views

CVE-2024-23653 affecting package moby-engine for versions less than 25.0.3-1

CVE-2024-23653 affecting package moby-engine for versions less than 25.0.3-1. An upgraded version of the package is available that resolves this issue...

9.8CVSS9.6AI score0.02983EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.123 views

Amazon Linux 2023 : docker (ALAS2023-2024-542)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-542 advisory. 2024-08-28: CVE-2023-45289 was added to this advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from...

10CVSS6.9AI score0.02983EPSS
Exploits0References16
OpenVAS
OpenVAS
added 2024/02/23 12:0 a.m.31 views

SUSE: Security Advisory (SUSE-SU-2024:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7AI score0.02983EPSS
Exploits0References6
Rows per page
Query Builder