541 matches found
GHSA-CM76-QM8V-3J95 vulnerabilities
Vulnerabilities for packages: docker-compose-fips, neuvector-scanner, docker-compose, neuvector, neuvector-fips...
CVE-2023-37273
Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. Running Auto-GPT version prior to 0.4.3 by cloning the git repo and executing docker compose run auto-gpt in the repo root uses a different docker-compose.yml file from the one suggested i...
CVE-2020-11710
An issue was discovered in docker-kong for Kong through 2.0.3. The admin API port may be accessible on interfaces other than 127.0.0.1. NOTE: The vendor argue that this CVE is not a vulnerability because it has an inaccurate bug scope and patch links. “1 Inaccurate Bug Scope - The issue scope was...
CVE-2020-7606
docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Within 'index.js' of the package, the function 'execserviceName, cmd, fnStdout, fnStderr, fnExit' uses the variable 'serviceName' which can be controlled by users without any sanitization...
Azure Linux 3.0 Security Update: cf-cli / cni-plugins / containerized-data-importer / docker-compose / kubevirt / sriov-network-device-plugin (CVE-2025-22872)
The version of cf-cli / cni-plugins / containerized-data-importer / docker-compose / kubevirt / sriov-network-device- plugin installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22872 advisory. - The...
CVE-2025-22872 affecting package docker-compose for versions less than 2.27.0-5
CVE-2025-22872 affecting package docker-compose for versions less than 2.27.0-5. A patched version of the package is available...
Exploit for Deserialization of Untrusted Data in Apache Activemq
CVE-2023-46604 !imagehttps://github.com/user-attachments/ass...
Incorrect Default Permissions
Overview docksible is a Deploy and set up Docker Compose based web apps with Ansible Affected versions of this package are vulnerable to Incorrect Default Permissions via the file permissions of docker-compose files. An attacker could gain unauthorized access to sensitive configuration data or...
Exploit for Deserialization of Untrusted Data in Apache Tomcat
CVE-2025-24813-vulhub POC script for the vulhub environment of...
AZL-60557 CVE-2025-22872 affecting package docker-compose for versions less than 2.27.0-5
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character / as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...
CVE-2025-0495 vulnerabilities
Vulnerabilities for packages: kubescape, docker-compose...
GHSA-M4GQ-FM9H-8Q75 vulnerabilities
Vulnerabilities for packages: kubescape, docker-compose...
GHSA-265R-HFXG-FHMG vulnerabilities
Vulnerabilities for packages: xeol, osv-scanner, datadog-agent, k3s, flux-source-controller, rancher-fleet, kubevela, dagger, fuse-overlayfs-snapshotter, eksctl, syft, envoy-gateway, skaffold, buildkitd, opa, consul-k8s, k8ssandra-client, opa-envoy, kubescape, teleport, docker, helm-push,...
CVE-2025-0495 vulnerabilities
Vulnerabilities for packages: kubescape, docker-compose-fips, docker-compose...
GHSA-M4GQ-FM9H-8Q75 vulnerabilities
Vulnerabilities for packages: kubescape, docker-compose-fips, docker-compose...
CVE-2024-10846 affecting package docker-compose for versions less than 2.27.0-4
CVE-2024-10846 affecting package docker-compose for versions less than 2.27.0-4. A patched version of the package is available...
CVE-2025-22869 affecting package docker-compose for versions less than 2.27.0-4
CVE-2025-22869 affecting package docker-compose for versions less than 2.27.0-4. A patched version of the package is available...
CVE-2025-27615
umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The user interface may possibly be publicly accessible with umatiGateway's provided docker-compose file. With this access, the configuration can be viewed and altered. Commit...
CVE-2025-27615 umatiGateway's UI publicly accessible in provided docker-compose file
umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The user interface may possibly be publicly accessible with umatiGateway's provided docker-compose file. With this access, the configuration can be viewed and altered. Commit...
CVE-2025-27615 umatiGateway's UI publicly accessible in provided docker-compose file
umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The user interface may possibly be publicly accessible with umatiGateway's provided docker-compose file. With this access, the configuration can be viewed and altered. Commit...