281 matches found
[SECURITY] Fedora 42 Update: docker-buildkit-0.25.0-1.fc42
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
EUVD-2024-0773
Malicious code in bioql PyPI...
EUVD-2024-50278
Malicious code in bioql PyPI...
EUVD-2024-3036
Malicious code in bioql PyPI...
SUSE-SU-2025:03271-2 Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...
Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584...
Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...
SUSE-SU-2025:03205-1 Security update for busybox, busybox-links
This update for busybox, busybox-links fixes the following issues: Updated to version 1.37.0 jscPED-13039: - CVE-2023-42363: Fixed use-after-free vulnerability in xasprintf function in xfuncsprintf.c bsc1217580 - CVE-2023-42364: Fixed use-after-free in the awk.c evaluate function bsc1217584 -...
MaraDNS_1
This is a repository for MaraDNS, a small open-source DNS server. The repository contains various files and scripts for building and testing MaraDNS, including a Dockerfile for creating a Docker image to test installing MaraDNS on a fresh Ubuntu 22.04 virtual machine. The repository includes a...
Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction
...
CLSA-2025-1756932191 buildah: Fix of CVE-2024-9407
CVE-2024-9407: validate input for bind-propagation option in Dockerfile RUN --mount instruction to prevent arbitrary parameter passing and potential file modification...
Linux Distros Unpatched Vulnerability : CVE-2024-23652
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfi...
Linux Distros Unpatched Vulnerability : CVE-2024-23651
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in...
Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount points
Background The VOLUME directive in Dockerfiles, or the config.volumes field in OCI image descriptors, indicates filesystem paths "where the process is likely to write data". While these paths have special semantics in Docker, they are only hints in the OCI spec and are not treated specially by...
TencentOS Server 4: podman (TSSA-2024:0683)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0683 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0241: container-tools:rhel8 (ALINUX3-SA-2024:0241)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0241 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-9341: A flaw was found in Go. Whe...
Docf-Sec-Check - DockF-Sec-Check Helps To Make Your Dockerfile Commands More Secure
DockF-Sec-Check helps to make your Dockerfile commands more secure. Done x First-level security notification in the Dockerfile TODO List Correctly detect the Dockerfile. Second-level security notification in the Dockerfile. Security notification in Docker images. Private Repository Installation...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
Tomcat CVE-2025-24813 playground ===============================...
Linux Distros Unpatched Vulnerability : CVE-2024-9407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this...
Linux Distros Unpatched Vulnerability : CVE-2023-25173
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - containerd is an open source container runtime. A bug was found in containerd prior to versions 1.6.18 and 1.5.18 where supplementary groups are not set up...