DEBIAN-CVE-2025-0838

There exists a heap buffer overflow vulnerable in Abseil-cpp. The sized constructors, reserve, and rehash methods of absl::flat,nodehashset,map did not impose an upper bound on their size argument. As a result, it was possible for a caller to pass a very large size that would cause an integer...

CVE-2025-0113

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to th...

CVE-2025-0113

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to th...

CVE-2025-0113 Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to th...

CVE-2025-0113 Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to th...

CVE-2025-0113

Summary: CVE-2025-0113 concerns the Palo Alto Networks Cortex XDR Broker VM where a flaw in the network isolation mechanism can let an attacker access Docker containers from the Broker VM’s host network, potentially reading analysis data and Cortex XDR logs. Affected component: Cortex XDR Broker ...

Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers

A problem with the network isolation mechanism of the Palo Alto Networks Cortex XDR Broker VM allows attackers unauthorized access to Docker containers from the host network used by Broker VM. This may allow access to read files sent for analysis and logs transmitted by the Cortex XDR Agent to th...

CVE-2024-24786 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1

CVE-2024-24786 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-24786 affecting package kata-containers for versions less than 3.2.0.azl4-1

CVE-2024-24786 affecting package kata-containers for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-39325 affecting package kata-containers for versions less than 3.2.0.azl4-1

CVE-2023-39325 affecting package kata-containers for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-43806 affecting package kata-containers for versions less than 3.2.0.azl4-1

CVE-2024-43806 affecting package kata-containers for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1

CVE-2024-43806 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-39325 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1

CVE-2023-39325 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-45288 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1

CVE-2023-45288 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl4-1

CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl4-1. An upgraded version of the package is available that resolves this issue...

Astra Linux – Vulnerability in libpod

A vulnerability was discovered in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang, resulting in a denial of service through an OOM kill when running a malicious image using an automatically assigned user...

Astra Linux – Vulnerability in golang-github-containers-common, libpod

A flaw was discovered in Go. When FIPS mode is enabled on a system, container runtime may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host...

Azure Linux 3.0 Security Update: flux / kata-containers / kata-containers-cc / rust / virtiofsd (CVE-2024-43806)

The version of flux / kata-containers / kata-containers-cc / rust / virtiofsd installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43806 advisory. - Rustix is a set of safe Rust bindings to POSIX-ish...

Azure Linux 3.0 Security Update: kata-containers / rpm-ostree (CVE-2023-26964)

The version of kata-containers / rpm-ostree installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-26964 advisory. - An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2...

ovn: egress ACLs may be bypassed via specially crafted UDP packet

A flaw was found in the Open Virtual Network OVN. Specially crafted UDP packets may bypass egress access control lists ACLs in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized...