26 matches found
Mageia: Security Advisory (MGASA-2025-0189)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2025-0189 Updated docker packages fix security vulnerability
External DNS requests from 'internal' networks could lead to data exfiltration - CVE-2024-29018 We can't determine if docker 24.0.5 is affected but as it is no longer supported we are releasing version 25.0.7, as it is supported and free of the CVE...
Updated docker packages fix security vulnerability
External DNS requests from 'internal' networks could lead to data exfiltration - CVE-2024-29018 We can't determine if docker 24.0.5 is affected but as it is no longer supported we are releasing version 25.0.7, as it is supported and free of the CVE...
USN-7161-3: Docker vulnerability
USN-7161-1 and USN-7161-2 fixed CVE-2024-41110 for source package docker.io in Ubuntu 18.04 LTS and for source package docker.io-app in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 24.10. This update fixes it for source package docker.io in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,...
Azure Linux 3.0 Security Update: moby-engine (CVE-2024-29018)
The version of moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-29018 advisory. - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, an...
SUSE SLES12 Security Update : docker (SUSE-SU-2025:0992-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0992-1 advisory. Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089...
openSUSE Security Advisory (SUSE-SU-2025:0776-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : docker (SUSE-SU-2025:0776-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0776-1 advisory. Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data...
Linux Distros Unpatched Vulnerability : CVE-2024-29018
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes...
Security update for docker
This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like...
SUSE-SU-2025:0776-1 Security update for docker
This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089...
USN-7161-2: Docker vulnerabilities
USN-7161-1 fixed CVE-2024-29018 in Ubuntu 24.04 LTS. This update fixes it for source package docker.io in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and source package docker.io-app for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. USN-7161-1 fixed CVE-2024-41110 in Ubuntu 24.10, Ubuntu 24.04 LTS, and Ubuntu...
openSUSE Security Advisory (SUSE-SU-2025:0226-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:0226-1 Security update for docker-stable
This update for docker-stable fixes the following issues: - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration bsc1234089. - CVE-2024-23650: Fixed possibile BuildKit daemon crash via malicious BuildKit client or frontend request...
SUSE SLES15: docker-stable / docker-stable-bash-completion / etc (SUSE-SU-2025:0226-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0226-1 advisory. - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltrati...
docker-27.4.1_ce-12.1 on GA media (moderate)
docker-27.4.1ce-12.1 on GA media Announcement ID: openSUSE-SU-2024:14597-1 Rating: moderate Cross-References: CVE-2024-29018 CVSS scores: CVE-2024-29018 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2024-29018 SUSE : 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:...
By registering a domain for which they control the authoritative nameservers, an attacker could arrange for a compromised container (CVE-2024-29018)
github.com/docker/docker/libnetwork is a package that provides a native Go implementation for connecting containers Affected versions of this package are vulnerable to Improper Control of a Resource Through its Lifetime, allowing DNS requests from internal networks to be forwarded to an external...
CVE-2024-29018 affecting package moby-engine for versions less than 24.0.9-9
CVE-2024-29018 affecting package moby-engine for versions less than 24.0.9-9. A patched version of the package is available...
Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1955)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below.
Summary IBM Edge Application Manager 4.5.6 addresses the security vulnerabilities listed in the CVEs below. Vulnerability Details CVEID:CVE-2024-29018 DESCRIPTION: moby could allow a remote attacker to obtain sensitive information, caused by incorrect resource transfer between spheres. By sending...