90 matches found
CVE-2026-55455 Appsmith: SSRF in REST API / GraphQL datasource plugins via insufficient host denylist
Appsmith is a platform to build admin panels, internal tools, and dashboards. Prior to 2.1, the outbound HTTP host filter applied by WebClientUtils used by the REST API and GraphQL datasource plugins validates hosts against an exact-match string denylist. The comprehensive address-class check...
containernetworking-plugins security update
An update is available for containernetworking-plugins. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Container Network Interface CNI project consists of a...
Important: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
Important: Red Hat Security Advisory: containernetworking-plugins security update
An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CVE-2026-32038
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
[SECURITY] Fedora 42 Update: containernetworking-plugins-1.9.1-1.fc42
Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...
[SECURITY] Fedora 43 Update: containernetworking-plugins-1.9.1-1.fc43
Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...
CVE-2026-32038
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
EUVD-2026-13324
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
CVE-2026-32038
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass allowing a trusted operator to join another container’s network namespace by configuring the docker.network parameter with container: values. This enables access to services in the target container namespaces and bypasses netwo...
CVE-2026-32038 OpenClaw - Sandbox Network Isolation Bypass via docker.network=container Parameter
OpenClaw before 2026.2.24 contains a sandbox network isolation bypass vulnerability that allows trusted operators to join another container's network namespace. Attackers can configure the docker.network parameter with container: values to reach services in target container namespaces and bypass...
GHSA-WW6V-V748-X7G9 OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>
Summary In [email protected], sandbox network hardening blocks network=host but still allows network=container:. This can let a sandbox join another container's network namespace and reach services available in that namespace. Preconditions and Trust Model Context This issue requires a...
OpenClaw has a sandbox network isolation bypass via docker.network=container:<id>
Summary In [email protected], sandbox network hardening blocks network=host but still allows network=container:. This can let a sandbox join another container's network namespace and reach services available in that namespace. Preconditions and Trust Model Context This issue requires a...
Important: containernetworking-plugins security update
The Container Network Interface CNI project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated...
CVE-2019-14993 vulnerabilities
Vulnerabilities for packages: istio-pilot-agent, istio-operator, istio-pilot-discovery, istio-cni...
[SECURITY] Fedora 42 Update: containernetworking-plugins-1.9.0-1.fc42
Reference and example networking plugins, maintained by the CNI team. The CNI Container Network Interface project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only...
CVE-2025-67499
A flaw was found in the CNI Container Network Interface portmap plugin. This vulnerability allows containers to intercept all traffic destined for a host port via inadvertent forwarding of traffic with the same destination port when the plugin is configured with the nftables backend, ignoring the...
CVE-2025-55670
On BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes systems, repeated undisclosed API calls can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-59781
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2025-55670
The CVE-2025-55670 entry concerns BIG-IP Next CNF, BIG-IP Next SPK, and BIG-IP Next for Kubernetes. Repeated undisclosed API calls can cause the Traffic Management Microkernel (TMM) to terminate, resulting in DoS for affected systems. Public references (NVD/Red Hat EU V) corroborate the same desc...