161 matches found
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: backup-restore-operator, src, k3s, telegraf, beats-fips, dataplaneapi, cloud-provider-aws, ingress-nginx-controller-fips, libnvidia-container, vault-fips, karpenter, loki, prometheus-mongodb-exporter, kubernetes-dashboard, knative-eventing-fips,...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: scorecard, rekor, cloud-provider-aws, grafana-operator, k8s-device-plugin, kots, k3s, pinact, cilium, karpenter, redka, kyverno, apko, pulumi, azuredisk-csi, istio, grafana-alloy, traefik, prometheus, src, caddy, cloud-sql-proxy, prometheus-operator, docker-cli-build...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: backup-restore-operator, telegraf, k3s, cloud-provider-aws, packer, gitlab-kas, loki, prometheus-mongodb-exporter, kubernetes-dashboard, knative-eventing-fips, teleport-operator-fips, opentofu, gitlab-rails-ce-fips, docker-cli-buildx, opentofu-fips, commercial-grafan...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: scorecard, podman, rancher, kargo, hcloud, flux-source-controller, falcoctl, step-issuer, vitess, flux-notification-controller, steampipe, gatus, istio, prometheus, caddy, melange, loki, gitlab-runner, argo-events, act, grype, openbao, pulumi-kubernetes-operator,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: podman, opentelemetry-collector, teleport, cert-manager, rancher, cloud-provider-aws, vitess, kots, k3s, kaf, cilium, kyverno, spire-server, istio, prometheus, prometheus-operator, docker-cli-buildx, argo-cd, containerd, fscrypt, buildah, loki, telegraf, zot,...
CVE-2026-53489 vulnerabilities
Vulnerabilities for packages: k3s, beats-fips, kubescape-server, helm-mapkubeapis, consul-k8s, packer, jfrog-cli, neuvector-fips, kubescape-server-fips, helm-fips, neuvector-scanner-fips, gitlab-rails-ce-fips, helm-exporter-fips, docker-cli-buildx, chartmuseum, fuse-overlayfs-snapshotter, skaffol...
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: k3s, kubescape-server, helm-mapkubeapis, consul-k8s, packer, jfrog-cli, neuvector-fips, kubescape-server-fips, helm-fips, neuvector-scanner-fips, gitlab-rails-ce-fips, helm-exporter-fips, docker-cli-buildx, chartmuseum, fuse-overlayfs-snapshotter, skaffold, zarf-fips...
ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root
Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...
CVE-2026-6406
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...
Astra Linux – Vulnerability in docker.io
Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...
[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
GHSA-PC3F-X583-G7J2 vulnerabilities
Vulnerabilities for packages: eksctl, teleport, juicefs-csi-driver, percona-server-mongodb-operator, k8sgpt-operator, rancher, kargo, velero, kiali, trivy, falcoctl, kubevela, kots, k3s, skaffold, cilium, argo-workflows, istio, kubeflow-pipelines, terraform-provider-kubernetes, k8ssandra-client,...
[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)
Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: scorecard, modelmesh-runtime-adapter, falco-no-driver, k8sgpt-operator, rancher, kargo, secrets-store-csi-driver-provider-azure, cloud-provider-azure, flux-source-controller, falcoctl, step-issuer, gitaly, terraform-provider-time, cortex, flux-notification-controller...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: backup-restore-operator-fips, cloud-provider-aws, ingress-nginx-controller-fips, libnvidia-container, vault-fips, gitaly, jfrog-cli, gitlab-kas, localstack, ipfs-cluster, helm-fips, gitlab-rails-ce-fips, helm-exporter-fips, docker-cli-buildx, seaweedfs-fips,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: backup-restore-operator-fips, cloud-provider-aws, ingress-nginx-controller-fips, libnvidia-container, vault-fips, gitaly, jfrog-cli, gitlab-kas, localstack, ipfs-cluster, helm-fips, gitlab-rails-ce-fips, helm-exporter-fips, docker-cli-buildx, seaweedfs-fips,...
CVE-2026-32281 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-resizer-fips, crossplane-provider-aws-cloudformation-fips, swagger, rancher-telemetry, sftpgo-plugin-pubsub, backup-restore-operator-fips, crossplane-provider-aws-backup-fips, boring-registry, victoriametrics-cluster-fips, volcano,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kubernetes-csi-external-resizer-fips, crossplane-provider-aws-cloudformation-fips, swagger, rancher-telemetry, sftpgo-plugin-pubsub, backup-restore-operator-fips, crossplane-provider-aws-backup-fips, boring-registry, victoriametrics-cluster-fips, volcano,...