19 matches found
SUSE: Security Advisory (SUSE-SU-2025:02289-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:02289-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: docker-buildx (CVE-2025-0495)
The version of docker-buildx installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0495 advisory. - Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support...
CBL Mariner 2.0 Security Update: docker-buildx / moby-buildx (CVE-2025-0495)
The version of docker-buildx / moby-buildx installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0495 advisory. - Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache...
CVE-2025-0495 affecting package moby-buildx for versions less than 0.7.1-25
CVE-2025-0495 affecting package moby-buildx for versions less than 0.7.1-25. A patched version of the package is available...
CVE-2025-0495 affecting package docker-buildx for versions less than 0.14.0-5
CVE-2025-0495 affecting package docker-buildx for versions less than 0.14.0-5. A patched version of the package is available...
Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.22.0: CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765. CVE-2025-22868: golang.org/x/oauth2/jws:...
SUSE SLES12 Security Update : docker-stable (SUSE-SU-2025:1344-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1344-1 advisory. - CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from...
SUSE SLES12 Security Update : docker (SUSE-SU-2025:1341-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1341-1 advisory. - Update to docker-buildx v0.22.0 - CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Tenable has extracted the...
CVE-2025-0495 vulnerabilities
Vulnerabilities for packages: kubescape, docker-compose...
CVE-2025-0495
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...
CVE-2025-0495 vulnerabilities
Vulnerabilities for packages: kubescape, docker-compose, docker-compose-fips...
CVE-2025-0495
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...
CVE-2025-0495
creationtimestamp| type| source ---|---|--- 2025-03-17 19:47:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7839 2025-03-17 23:20:11+00:00| seen| https://t.me/cvedetector/20530 2025-03-18 00:01:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkmegwwoj52s 2025-08-12...
CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...
CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...
CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...
CVE-2025-0495
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...
CVE-2025-0495
CVE-2025-0495 affects docker-buildx/moby-buildx (Buildx) where credentials set as attribute values in cache-to/cache-from can be captured by OpenTelemetry traces and BuildKit history. Exploitation status is not detailed in the provided sources. The vulnerability does not apply to secrets passed v...