9118 matches found
CVE-2026-46597 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-46597 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3
CVE-2026-39821 affecting package docker-cli for versions less than 25.0.7-3. A patched version of the package is available...
CVE-2026-39829 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-39829 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
CVE-2026-39832 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-39832 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
CVE-2026-46597 affecting package docker-compose for versions less than 2.27.0-11
CVE-2026-46597 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...
CVE-2026-42506 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-42506 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
CVE-2026-39830 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-39830 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
CVE-2026-39821 affecting package docker-compose for versions less than 2.27.0-11
CVE-2026-39821 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...
CVE-2026-27136 affecting package docker-compose for versions less than 2.27.0-11
CVE-2026-27136 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...
CVE-2026-42506 affecting package docker-compose for versions less than 2.27.0-11
CVE-2026-42506 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...
CVE-2026-39829 affecting package docker-compose for versions less than 2.27.0-11
CVE-2026-39829 affecting package docker-compose for versions less than 2.27.0-11. A patched version of the package is available...
CVE-2026-39834 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-39834 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
CVE-2026-27136 affecting package docker-buildx for versions less than 0.14.0-13
CVE-2026-27136 affecting package docker-buildx for versions less than 0.14.0-13. A patched version of the package is available...
Fedora 44 : docker-compose (2026-3316f97296)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-3316f97296 advisory. - Update to release v5.1.4 - Resolves: rhbz2480186 - Upstream fixes ---- - Update to release v5.1.3 - Resolves rhbz2458697 - Resolves CVE-2026-33747...
Fedora 43 : docker-compose (2026-951a6725b8)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-951a6725b8 advisory. - Update to release v5.1.4 - Resolves: rhbz2480186 - Upstream fixes ---- - Update to release v5.1.3 - Resolves rhbz2458697 - Resolves CVE-2026-33747...
CVE-2026-47125
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/id/templates/variables endpoint, which writes the system-wide .env.global file used for variable substitution in every project's compose file, is missing an admin...
CVE-2026-47179
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns the contents of any Docker Compose include directive declared in a project's compose file before any path-traversal validation runs. Because...
CVE-2026-45628
Dokploy is a free, self-hostable Platform as a Service PaaS. In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them via childprocess.exec which runs through /bin/sh -c. User-supplied branch names, repository URLs, and Docker credentials are...
EUVD-2026-33372
Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/id/volumes/volumeName/browse accepts a path query parameter that is passed to a shell command sh -c "find … | while …" inside an Arcane helper container. The path sanitis...
EUVD-2026-33371
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.0, the unauthenticated GET /api/app-images/logo endpoint reflects a user-supplied color query parameter into the body of an SVG document via strings.ReplaceAll with no escaping. The substitution...