Fedora 42 : docker-buildkit (2025-308cf4259b)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-308cf4259b advisory. Update to release v0.26.1 ---- - Update to release v0.26.0 - Resolves: rhbz2412681, rhbz2412761 - Upstream new features and fixes - dependency...

Duplicate Advisory: Authentication Bypass via Default JWT Secret in NocoBase docker-compose Deployments

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mv7p-34fv-4874. This link is maintained to preserve external references. Original Description A vulnerability was detected in nocobase up to 1.9.4/2.0.0-alpha.37. The affected element is an unknown function of t...

Exploit for CVE-2025-1337

CVE‑2025‑1337 — Intentional Remote Code Execution Training Mac...

Command Injection

Overview mcp-docker is a Model Context Protocol server for Docker management with AI assistants Affected versions of this package are vulnerable to Command Injection due to insufficient validation of list-format commands in the dockerexeccommand tool. The dockerexeccommand tool accepts a...

BIT-FLUENT-BIT-2025-12970 CVE-2025-12970

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...

CVE-2025-64751

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.4.0 to v1.11.0 openfga-0.1.34 = Helm chart = openfga-0.2.48, v.1.4.0 = docker = v.1.11.0 are vulnerable to improper policy enforcement when certain Check and...

BackportBench: A Multilingual Benchmark for Automated Backporting of Patches

Many modern software projects evolve rapidly to incorporate new features and security patches. It is important for users to update their dependencies to safer versions, but many still use older, vulnerable package versions because upgrading can be difficult and may break their existing codebase...

Fedora: Security Advisory (FEDORA-2025-264853458b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-1ccd7dbf40)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-308cf4259b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for CVE-2021-21980

Clippy of the Dead - CVE-2021-21980 testing environment and Nucl...

[SECURITY] Fedora 41 Update: docker-buildkit-0.26.1-1.fc41

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

[SECURITY] Fedora 41 Update: docker-buildx-0.30.1-1.fc41

Docker CLI plugin for extended build capabilities with BuildKit...

[SECURITY] Fedora 42 Update: docker-buildkit-0.26.1-1.fc42

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

Exploit for Race Condition in Vercel Next.Js

CVE-2025-32421---Race-Condition-Vulnerability---Next.js PoC La...

[SECURITY] Fedora 42 Update: docker-buildx-0.30.1-1.fc42

Docker CLI plugin for extended build capabilities with BuildKit...

[SECURITY] Fedora 43 Update: docker-buildkit-0.26.1-1.fc43

Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...

[SECURITY] Fedora 43 Update: docker-buildx-0.30.1-1.fc43

Docker CLI plugin for extended build capabilities with BuildKit...

Fedora 42 : docker-buildx (2025-04cf139ee2)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-04cf139ee2 advisory. - Update to release v0.30.1 - Upstream fix ---- - Update to release v0.30.0 - Resolves: rhbz2413270 - Resolves: rhbz2407614, rhbz2407881, rhbz240815...

CVE-2025-12970

The extractname function in Fluent Bit indocker input plugin copies container names into a fixed size stack buffer without validating length. An attacker who can create containers or control container names, can supply a long name that overflows the buffer, leading to process crash or arbitrary...