Lucene search
K

26 matches found

OpenVAS
OpenVAS
added 2025/06/25 12:0 a.m.4 views

Mageia: Security Advisory (MGASA-2025-0189)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.0075EPSS
Exploits0References5
OSV
OSV
added 2025/06/24 8:11 p.m.5 views

MGASA-2025-0189 Updated docker packages fix security vulnerability

External DNS requests from 'internal' networks could lead to data exfiltration - CVE-2024-29018 We can't determine if docker 24.0.5 is affected but as it is no longer supported we are releasing version 25.0.7, as it is supported and free of the CVE...

7.5CVSS6.6AI score0.0075EPSS
Exploits0References4
Mageia
Mageia
added 2025/06/24 8:11 p.m.7 views

Updated docker packages fix security vulnerability

External DNS requests from 'internal' networks could lead to data exfiltration - CVE-2024-29018 We can't determine if docker 24.0.5 is affected but as it is no longer supported we are releasing version 25.0.7, as it is supported and free of the CVE...

7.5CVSS9.8AI score0.0075EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2025/04/15 2:5 p.m.15 views

USN-7161-3: Docker vulnerability

USN-7161-1 and USN-7161-2 fixed CVE-2024-41110 for source package docker.io in Ubuntu 18.04 LTS and for source package docker.io-app in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. This update fixes it for source package docker.io in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,...

9.9CVSS7.5AI score0.16496EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/04/10 12:0 a.m.18 views

Azure Linux 3.0 Security Update: moby-engine (CVE-2024-29018)

The version of moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29018 advisory. - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, an...

7.5CVSS7AI score0.0075EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/25 12:0 a.m.13 views

SUSE SLES12 Security Update : docker (SUSE-SU-2025:0992-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0992-1 advisory. Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089...

7.5CVSS6.9AI score0.0075EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/03/06 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2025:0776-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.0075EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

SUSE SLES15 / openSUSE 15 Security Update : docker (SUSE-SU-2025:0776-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0776-1 advisory. Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data...

7.5CVSS7AI score0.0075EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2024-29018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes...

7.5CVSS6.8AI score0.0075EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/03/04 2:55 p.m.2 views

Security update for docker

This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...

8.2CVSS6.3AI score0.0075EPSS
Exploits0References6
OSV
OSV
added 2025/03/04 2:55 p.m.11 views

SUSE-SU-2025:0776-1 Security update for docker

This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089...

7.5CVSS7.1AI score0.0075EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2025/02/18 8:22 a.m.32 views

USN-7161-2: Docker vulnerabilities

USN-7161-1 fixed CVE-2024-29018 in Ubuntu 24.04 LTS. This update fixes it for source package docker.io in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and source package docker.io-app for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. USN-7161-1 fixed CVE-2024-41110 in Ubuntu 24.10, Ubuntu 24.04 LTS, and Ubuntu...

9.9CVSS7.5AI score0.16496EPSS
Exploits0
OpenVAS
OpenVAS
added 2025/02/18 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2025:0226-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.9CVSS7AI score0.16496EPSS
Exploits0References5
OSV
OSV
added 2025/01/27 7:26 a.m.13 views

SUSE-SU-2025:0226-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration bsc1234089. - CVE-2024-23650: Fixed possibile BuildKit daemon crash via malicious BuildKit client or frontend request...

9.9CVSS7.9AI score0.16496EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2025/01/24 12:0 a.m.14 views

SUSE SLES15: docker-stable / docker-stable-bash-completion / etc (SUSE-SU-2025:0226-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0226-1 advisory. - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltrati...

9.9CVSS7.1AI score0.16496EPSS
Exploits0References11
OPENSUSE Linux
OPENSUSE Linux
added 2024/12/19 12:0 a.m.5 views

docker-27.4.1_ce-12.1 on GA media (moderate)

docker-27.4.1ce-12.1 on GA media Announcement ID: openSUSE-SU-2024:14597-1 Rating: moderate Cross-References: CVE-2024-29018 CVSS scores: CVE-2024-29018 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2024-29018 SUSE : 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:...

8.2CVSS7.2AI score0.0075EPSS
Exploits0
Broadcom
Broadcom
added 2024/11/02 12:0 a.m.22 views

By registering a domain for which they control the authoritative nameservers, an attacker could arrange for a compromised container (CVE-2024-29018)

github.com/docker/docker/libnetwork is a package that provides a native Go implementation for connecting containers Affected versions of this package are vulnerable to Improper Control of a Resource Through its Lifetime, allowing DNS requests from internal networks to be forwarded to an external...

5.9CVSS6AI score0.0075EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/09/13 6:9 p.m.31 views

CVE-2024-29018 affecting package moby-engine for versions less than 24.0.9-9

CVE-2024-29018 affecting package moby-engine for versions less than 24.0.9-9. A patched version of the package is available...

7.5CVSS6.8AI score0.0075EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/07/16 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1955)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS8.8AI score0.02733EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/26 2:33 p.m.78 views

Security Bulletin: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below.

Summary IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2024-29018 DESCRIPTION: moby could allow a remote attacker to obtain sensitive information, caused by incorrect resource transfer between spheres. By sending...

7.8CVSS7.6AI score0.01429EPSS
Exploits2Affected Software1
Rows per page
Query Builder