Moderate: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.16.2 product release

The components for Red Hat OpenShift for Windows Containers 10.16.2 are now available Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers...

Moderate: Red Hat Security Advisory: containernetworking-plugins security update

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

TencentOS Server 4: runc (TSSA-2024:0600)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0600 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Important: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.17.1 product release

The components for Red Hat OpenShift for Windows Containers 10.17.1 are now available Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers...

AZL-63848 CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7

A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...

Security update for docker

This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...

Security update for docker

This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...

Moderate: Red Hat Security Advisory: containernetworking-plugins security update

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...

Important: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.7 security and bug fix update

The Migration Toolkit for Containers MTC 1.8.7 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

Security Bulletin: Vulnerability in jjwt may affect IBM Business Automation Workflow - CVE-2024-31033

Summary IBM Business Automation Workflow packages a vulnerable copy of jjwt. Vulnerability Details CVEID:CVE-2024-31033 DESCRIPTION: An unspecified error with ignoring certain characters in jwtk JJWT aka Java JWT has an unknown impact and attack vector. CVSS Base score: 6.8 CVSS Temporal Score:...

[SECURITY] Fedora 42 Update: rust-hashlink-0.10.0-1.fc42

HashMap-like containers that hold their key-value pairs in a user controllable order...

Azure Linux 3.0 Security Update: cloud-hypervisor / kata-containers / kata-containers-cc (CVE-2023-50711)

The version of cloud-hypervisor / kata-containers / kata-containers-cc installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50711 advisory. - vmm-sys-util is a collection of modules that provides helpe...

CBL Mariner 2.0 Security Update: cloud-hypervisor / kata-containers / kata-containers-cc (CVE-2023-50711)

The version of cloud-hypervisor / kata-containers / kata-containers-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-50711 advisory. - vmm-sys-util is a collection of modules that provides helpe...

Important: Red Hat Security Advisory: Red Hat OpenShift for Windows Containers 10.18.1 product release

The components for Red Hat OpenShift for Windows Containers 10.18.1 are now available Red Hat OpenShift for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers...

New Self-Spreading Malware Infects Docker Containers to Mine Dero Cryptocurrency

Misconfigured Docker API instances have become the target of a new malware campaign that transforms them into a cryptocurrency mining botnet. The attacks, designed to mine for Dero currency, is notable for its worm-like capabilities to propagate the malware to other exposed Docker instances and...

Denial Of Service (DoS)

github.com/containerd/containerd is vulnerable to a Denial Of Service DoS. The vulnerability is due to a bug in containerd’s CRI implementation where usernamespaced containers are not placed under Kubernetes' cgroup hierarchy, allowing an attacker to bypass resource limits and potentially exhaust...

Fedora: Security Advisory (FEDORA-2025-908dfe95f6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-20235

A vulnerability in the on-device application development workflow feature for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an authenticated, remote attacker to access the underlying operating system as the root user. This vulnerability exists because Docke...

CVE-2023-50439

ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 ANSSI qualification submission, ZED! for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before Q.2021.2 ANSSI qualification submission, ZONECENTRAL for Windows before 2023.5, or ZEDMAIL for Windows...

Profile Management VHDX auto expansion doesn't work CompactVHDIterations set to 1

Citrix profile Manager is configured with profile containers with the entire profile contained in the container Profile container auto-expansion is enabled Profile container VHD compression is also enabled The number of logoffs to trigger VHD disk compaction is configured to 1 Under the above...