Lucene search
K

19 matches found

OpenVAS
OpenVAS
added 2025/07/18 12:0 a.m.4 views

SUSE: Security Advisory (SUSE-SU-2025:02289-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.00478EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2025/07/15 12:0 a.m.4 views

openSUSE Security Advisory (SUSE-SU-2025:02289-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.4AI score0.00478EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.4 views

Azure Linux 3.0 Security Update: docker-buildx (CVE-2025-0495)

The version of docker-buildx installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0495 advisory. - Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support...

4.1CVSS7.3AI score0.0018EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/07/11 12:0 a.m.6 views

CBL Mariner 2.0 Security Update: docker-buildx / moby-buildx (CVE-2025-0495)

The version of docker-buildx / moby-buildx installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0495 advisory. - Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache...

4.1CVSS7.3AI score0.0018EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/07/10 3:7 p.m.11 views

CVE-2025-0495 affecting package moby-buildx for versions less than 0.7.1-25

CVE-2025-0495 affecting package moby-buildx for versions less than 0.7.1-25. A patched version of the package is available...

4.1CVSS7.3AI score0.0018EPSS
Exploits0
CBLMariner
CBLMariner
added 2025/05/28 9:14 p.m.9 views

CVE-2025-0495 affecting package docker-buildx for versions less than 0.14.0-5

CVE-2025-0495 affecting package docker-buildx for versions less than 0.14.0-5. A patched version of the package is available...

4.1CVSS6.9AI score0.0018EPSS
Exploits0
SUSE Linux
SUSE Linux
added 2025/05/27 8:58 a.m.2 views

Security update for docker

This update for docker fixes the following issues: Update to docker-buildx v0.22.0: CVE-2025-0495: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration bsc1239765. CVE-2025-22868: golang.org/x/oauth2/jws:...

8.7CVSS7.3AI score0.00868EPSS
Exploits0References18
Tenable Nessus
Tenable Nessus
added 2025/04/18 12:0 a.m.8 views

SUSE SLES12 Security Update : docker-stable (SUSE-SU-2025:1344-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1344-1 advisory. - CVE-2025-0495: buildx: Fixed credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from...

4.1CVSS7.2AI score0.0018EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/04/18 12:0 a.m.5 views

SUSE SLES12 Security Update : docker (SUSE-SU-2025:1341-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:1341-1 advisory. - Update to docker-buildx v0.22.0 - CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Tenable has extracted the...

4.1CVSS7.3AI score0.0018EPSS
Exploits0References4
Wolfi
Wolfi
added 2025/03/20 4:43 a.m.28 views

CVE-2025-0495 vulnerabilities

Vulnerabilities for packages: kubescape, docker-compose...

4.1CVSS6.4AI score0.0018EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/19 7:40 p.m.11 views

CVE-2025-0495

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

4.1CVSS7.2AI score0.0018EPSS
Exploits0References1
Chainguard
Chainguard
added 2025/03/18 10:12 p.m.40 views

CVE-2025-0495 vulnerabilities

Vulnerabilities for packages: kubescape, docker-compose, docker-compose-fips...

4.1CVSS6.4AI score0.0018EPSS
Exploits0
NVD
NVD
added 2025/03/17 8:15 p.m.12 views

CVE-2025-0495

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

4.1CVSS0.0018EPSS
Exploits0References1
Circl
Circl
added 2025/03/17 7:47 p.m.4 views

CVE-2025-0495

creationtimestamp| type| source ---|---|--- 2025-03-17 19:47:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7839 2025-03-17 23:20:11+00:00| seen| https://t.me/cvedetector/20530 2025-03-18 00:01:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkmegwwoj52s 2025-08-12...

4.1CVSS7.7AI score0.0018EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/03/17 7:21 p.m.13 views

CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

4.1CVSS0.0018EPSS
Exploits0References1
OSV
OSV
added 2025/03/17 7:21 p.m.12 views

CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

4.1CVSS6.4AI score0.0018EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/03/17 7:21 p.m.12 views

CVE-2025-0495 Secrets leakage to telemetry endpoint via cache backend configuration via buildx

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

4.1CVSS7.1AI score0.0018EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/03/17 7:21 p.m.8 views

CVE-2025-0495

Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured in OpenTelemetry...

4.1CVSS7.6AI score0.0018EPSS
Exploits0
CVE
CVE
added 2025/03/17 7:21 p.m.1144 views

CVE-2025-0495

CVE-2025-0495 affects docker-buildx/moby-buildx (Buildx) where credentials set as attribute values in cache-to/cache-from can be captured by OpenTelemetry traces and BuildKit history. Exploitation status is not detailed in the provided sources. The vulnerability does not apply to secrets passed v...

4.1CVSS7AI score0.0018EPSS
Exploits0References1
Rows per page
Query Builder