EUVD-2026-31484
The Docker CLI `--use-api-socket` flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the `--use-api-socket` flag adds the Docker...
Docker: `PUT /containers/{id}/archive` executes container binary on the host
Summary: When a user uploads a compressed archive into a container, a malicious image can execute arbitrary code with daemon host root privileges. Details: When handling `PUT /containers/{id}/archive` requests with compressed archives, the daemon decompresses them using external system binaries. Due to...
PT-2026-41036
Name of the Vulnerable Software and Affected Versions: Portainer Community Edition versions 2.33.0 through 2.33.7; Portainer Community Edition versions 2.39.0 through 2.39.1; Portainer Community Edition versions 2.40.0 through 2.40.x; Portainer Community Edition versions prior to 2.33.0. Description...
EUVD-2020-21940
Malware in sbrugna...
EUVD-2019-0160
Malware in sbrugna...
EUVD-2024-52170
Malicious code in bioql PyPI...
CVE-2025-54410 Moby's Firewalld reload removes bridge network isolation
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...
SUSE-SU-2025:02366-2 Security update for docker
This update for docker fixes the following issues: Update to Docker 28.2.2-ce bsc1243833, bsc1242114: - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241830. Other bugfixes: - Always clear SUSEConnect sus...
CVE-2025-53372
CVE-2025-53372 concerns the node-code-sandbox-mcp MCP Server (Node.js) prior to version 1.3.0, which is vulnerable to command injection through unsanitized input used in a call to a shell command via child_process.execSync. Exploitation can allow remote code execution with the server process’s pr...
PT-2025-25764 · Unknown +3 · Portainer Community Edition +4
Name of the Vulnerable Software and Affected Versions: Portainer Community Edition versions prior to 2.31.0 STS and prior to 2.27.7 LTS Description: The issue affects a lightweight service delivery platform for containerized applications, allowing management of Docker, Swarm, Kubernetes, and ACI...
SUSE-SU-2025:20393-1 Security update for docker
This update for docker fixes the following issues: Always clear SUSEConnect suse secrets when starting containers regardless of whether the daemon was built with SUSEConnect support. Not doing this causes containers from SUSEConnect-enabled daemons to fail to start when running with...
PT-2025-20883
2025-05-13 19:01:23.477089 UTC +09:00 1. CVE-2025-41645 CERTVDE SMA: Sunny Portal demo system privilege escalation An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake. https://vulners.com/cve/CVE-2025-41645...
Important: docker
Issue Overview: The net/http package accepted data in the chunked transfer encoding containing an invalid chunk-size line terminated by a bare LF. When used in conjunction with a server or proxy which incorrectly interprets a bare LF in a chunk extension as part of the extension, this could permi...
Amazon Linux 2 : docker (ALASECS-2025-061)
The version of docker installed on the remote host is prior to 20.10.17-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-061 advisory. In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection...
Security update for docker
This update for docker fixes the following issues: Update to docker-buildx v0.22.0 CVE-2025-0495: Fixed an integer overflow in User ID handling in containerd. bsc1239765 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...
SUSE-SU-2025:1102-1 Security update for docker, docker-stable
This update for docker, docker-stable fixes the following issues: - CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. - CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. - CVE-2024-29018:...
SUSE-SU-2025:20259-1 Security update for docker
This update for docker fixes the following issues: - This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...
Security update for docker
This update for docker fixes the following issues: This update includes fixes for: CVE-2024-41110: Fixed Authz zero length regression bsc1228324 CVE-2023-47108: Fixed otelgrpc: DoS vulnerability in otelgrpc uncontrolled resource consumption due to unbound cardinality bsc1217070 bsc1229806...
SUSE-SU-2025:0776-1 Security update for docker
This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089...
Linux Distros Unpatched Vulnerability : CVE-2014-5277
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to...