2670 matches found
Important: Red Hat Security Advisory: updated RHEL-8 based Middleware Containers container images
Updated RHEL-8 based Middleware Containers container images are now available The RHEL-8 based Middleware Containers container images have been updated to address the following security advisory: RHSA-2025:11534 see References Users of RHEL-8 based Middleware Containers container images are advis...
CBL Mariner 2.0 Security Update: kata-containers / kata-containers-cc (CVE-2025-5791)
The version of kata-containers / kata-containers-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5791 advisory. - A flaw was found in the user's crate for Rust. This vulnerability allows...
Azure Linux 3.0 Security Update: kata-containers / kata-containers-cc (CVE-2025-5791)
The version of kata-containers / kata-containers-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-5791 advisory. - A flaw was found in the user's crate for Rust. This vulnerability allows...
Linux Distros Unpatched Vulnerability : CVE-2019-10214
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container...
Azure Linux 3.0 Security Update: kata-containers / kata-containers-cc / rpm-ostree (CVE-2024-27308)
The version of kata-containers / kata-containers-cc / rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27308 advisory. - Mio is a Metal I/O library for Rust. When using named pipes on...
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. "Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering...
Important: Red Hat Security Advisory: Red Hat OpenShift sandboxed containers release
Release of Red Hat OpenShift sandboxed containers. Red Hat OpenShift sandboxed containers, based on the Kata Containers project...
SUSE-SU-2025:02554-1 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.62.0: Release notes:...
SUSE-SU-2025:2554-1 Security update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer
This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller-container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy-container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.62.0: Release notes:...
CVE-2025-54388
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...
CVE-2025-54388
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...
SUSE-SU-2025:02366-2 Security update for docker
This update for docker fixes the following issues: Update to Docker 28.2.2-ce bsc1243833, bsc1242114: - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241830. Other bugfixes: - Always clear SUSEConnect sus...
CVE-2025-8283
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...
The vulnerability of the Podman software for managing and launching OCI containers is related to errors in the certificate validation process, allowing an attacker to execute a “man-in-the-middle” attack.
The vulnerability of the Podman software for managing and launching OCI containers is related to errors in the certificate validation process. Exploiting this vulnerability could allow a remote attacker to execute a “man-in-the-middle” attack...
AZL-66008 CVE-2024-58266 affecting package kata-containers 3.2.0.azl2-7
The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...
CVE-2017-20198
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2017-20198
The Marathon UI in DC/OS 1.9.0 allows unauthenticated users to deploy arbitrary Docker containers. Due to improper restriction of volume mount configurations, attackers can deploy a container that mounts the host's root filesystem / with read/write privileges. When using a malicious Docker image,...
CVE-2017-20198
CVE-2017-20198 affects DC/OS Marathon UI
PT-2025-30583 · Mesosphere +1 · Marathon +2
Name of the Vulnerable Software and Affected Versions: DC/OS versions prior to 1.9.0 Description: The Marathon UI in DC/OS allows unauthenticated users to deploy arbitrary Docker containers. Improper restriction of volume mount configurations allows attackers to deploy a container that mounts the...
SUSE-SU-2025:02366-1 Security update for docker
This update for docker fixes the following issues: Update to Docker 28.2.2-ce bsc1243833, bsc1242114: - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241830. Other bugfixes: - Always clear SUSEConnect sus...