161 matches found
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: dapr, kube-arangodb-fips, apko, gatekeeper-fips, docker, cilium-fips, tekton-pipelines-fips, cerbos, azurefile-csi, commercial-spilo, knative-operator-fips, authentik, docker-cli-fips, kube-fluentd-operator, libnvidia-container, buildah-fips, src, elastic-agent-fips,...
GHSA-XCGV-8MV7-V8C7 vulnerabilities
Vulnerabilities for packages: scorecard, azuredisk-csi, vexctl, nerdctl, istio, zarf, docker-cli-buildx, hubble, kubernetes-dashboard, dapr, loki, src, rekor, grafana, pulumi, kine, helm, pulumi-language-yaml, grafana-operator, karpenter, pulumi-language-dotnet, undock, cerbos, cloud-sql-proxy,...
GHSA-9M57-25V3-79X9 vulnerabilities
Vulnerabilities for packages: commercial-grafana, omnictl-multiarch-fips, kube-arangodb-fips, gatekeeper-fips, tekton-pipelines-fips, buildah-fips, elastic-agent-fips, gitlab-kas, argo-workflows-fips, knative-eventing-fips, terraform-fips, fscrypt, mattermost-fips, opentofu-fips, gitlab-rails-ce,...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: terragrunt, kaf, witness, ksops, terraform-provider-tls, teleport, helm, zot, prometheus, crossplane-provider-family-azure, gitea, k8sgpt, steampipe, grype, terraform-provider-azurerm, cosign, flux, prometheus-operator, aactl, cilium, chisel, trivy, kyverno,...
GHSA-JPPX-RXG9-JMRX vulnerabilities
Vulnerabilities for packages: nerdctl, istio, docker-cli-buildx, kubernetes-dashboard, kaf, loki, external-dns, teleport, kine, helm, spire-server, containerd, kubernetes, minio, zot, prometheus, podman, vitess, argo-cd, telegraf, flux, prometheus-operator, aactl, cilium, gitlab-kas, cert-manager...
CVE-2026-53489 vulnerabilities
Vulnerabilities for packages: kube-arangodb-fips, kaniko, docker, tekton-pipelines-fips, consul-k8s, gatekeeper, beats, neuvector, kubescape-operator, neuvector-fips, kubevela, crossplane-fips, tigera-operator-fips, headlamp, scorecard, cg, wolfictl, kargo, xeol-fips, skaffold-fips,...
GHSA-XHF5-7WJV-PQXP vulnerabilities
Vulnerabilities for packages: kube-arangodb-fips, kaniko, docker, consul-k8s, gatekeeper, neuvector, kubescape-operator, neuvector-fips, kubevela, crossplane-fips, tigera-operator-fips, headlamp, scorecard, cg, wolfictl, kargo, xeol-fips, skaffold-fips, kubescape-operator-fips, gitlab-rails-ce,...
ROOT-APP-GOBINARY-CVE-2025-15558 CVE-2025-15558 in rootio-github.com/docker/cli - Patched by Root
Root has patched CVE-2025-15558 in the rootio-github.com/docker/cli package for Root:Go. Multiple fixed versions available...
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...
CVE-2026-6406
The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation ECI restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket flag adds the Docker...
Astra Linux – Vulnerability in docker.io
Docker CLI is the command-line interface for the Docker container runtime. A bug was discovered in Docker CLI where running docker login my-private-registry.example.com with a misconfigured configuration file typically /.docker/config.json, which lists a credsStore or credhelpers that cannot be...
[SECURITY] Fedora 42 Update: podman-5.8.2-1.fc42
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
GHSA-PC3F-X583-G7J2 vulnerabilities
Vulnerabilities for packages: eksctl, trivy-operator, zarf, istio, docker-cli-buildx, k9s, hubble, juicefs-csi-driver, kargo, kpt, kwok, kubernetes-dashboard-api, sonobuoy, dynamic-localpv-provisioner, teleport, jitsucom-bulker, kubernetes, postgres-operator, k8ssandra-client, falcoctl,...
[SECURITY] Fedora 43 Update: podman-5.8.2-1.fc43
podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...
Security Bulletin: IBM Planning Analytics Cartridge has addressed a security vulnerability in Docker CLI (CVE-2025-15558)
Summary IBM Planning Analytics Cartridge is considered affected by a vulnerability in Docker CLI Vulnerability Details CVEID:CVE-2025-15558 DESCRIPTION: Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A...
GHSA-7MR4-XJXG-34G6 vulnerabilities
Vulnerabilities for packages: vexctl, hubble, grpcurl, kaf, etcd, gitness, chartmuseum, witness, kubernetes-dashboard-api, flux-image-reflector-controller, helm-mapkubeapis, secrets-store-csi-driver-provider-azure, aws-flb-kinesis, gcsfuse, grafana, terraform-provider-tls,...
CVE-2026-32288 vulnerabilities
Vulnerabilities for packages: malcontent, cerbos, azurefile-csi, gitlab-pages, vault-benchmark, goreleaser, argo-workflows-fips, xeol-fips, opentofu-fips, dask-gateway, gitlab-kas-fips, task, prometheus, falcoctl-fips, mailpit, cert-manager, k3s, jsonnet-bundler, nsc-fips,...
GHSA-X4JJ-H2V8-HQQV vulnerabilities
Vulnerabilities for packages: malcontent, cerbos, azurefile-csi, gitlab-pages, vault-benchmark, goreleaser, argo-workflows-fips, xeol-fips, opentofu-fips, dask-gateway, gitlab-kas-fips, task, prometheus, falcoctl-fips, mailpit, cert-manager, k3s, jsonnet-bundler, nsc-fips,...
GHSA-JRG3-GFJW-HM96 vulnerabilities
Vulnerabilities for packages: kor, secrets-store-csi-driver-provider-aws-fips, promxy, malcontent, cerbos, dragonfly-operator-fips, langfuse-fips, spicedb-operator, cluster-api-ipam-provider-in-cluster, aws-privateca-issuer, nri-rabbitmq-fips, azurefile-csi, neuvector, secrets-store-csi-driver,...
CVE-2026-32283 vulnerabilities
Vulnerabilities for packages: kor, secrets-store-csi-driver-provider-aws-fips, promxy, malcontent, cerbos, dragonfly-operator-fips, langfuse-fips, spicedb-operator, cluster-api-ipam-provider-in-cluster, aws-privateca-issuer, nri-rabbitmq-fips, azurefile-csi, neuvector, secrets-store-csi-driver,...