Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2025-1792)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2025-1769)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CBL Mariner 2.0 Security Update: docker-buildx / moby-buildx (CVE-2025-0495)

The version of docker-buildx / moby-buildx installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-0495 advisory. - Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : docker (SUSE-SU-2025:02289-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02289-1 advisory. Update to Docker 28.2.2-ce bsc1243833, bsc1242114: - CVE-2025-0495: Fixed credential leakage to...

CVE-2025-6392

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2025-6392 Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2025-6392

Brocade SANnav prior to version 2.4.0a exposes database passwords in cleartext in audit logs generated by the daily data dump collector when docker exec commands run. Logs reside on the host VM local audit logs and are not controlled by SANnav, only visible to the host admin. Affected release is ...

CVE-2025-6392 Daily Data Dump Collector logs database password in cleartext when running docker exec commands (CVE-2025-6392)

Brocade SANnav before Brocade SANnav 2.4.0a could log database passwords in clear text in audit logs when the daily data dump collector invokes docker exec commands. These audit logs are the local server VM’s audit logs and are not controlled by SANnav. These logs are only visible to the server...

CVE-2025-53372

node-code-sandbox-mcp is a Node.js–based Model Context Protocol server that spins up disposable Docker containers to execute arbitrary JavaScript. Prior to 1.3.0, a command injection vulnerability exists in the node-code-sandbox-mcp MCP Server. The vulnerability is caused by the unsanitized use o...

CVE-2025-22872 affecting package docker-buildx for versions less than 0.14.0-6

CVE-2025-22872 affecting package docker-buildx for versions less than 0.14.0-6. A patched version of the package is available...

Broadcom Brocade SANnav 日志信息泄露漏洞

Broadcom Brocade SANnav is a storage area network management and automation software platform from Broadcom, Inc. A security vulnerability exists in Broadcom Brocade SANnav versions prior to 2.4.0a, which stems from a daily data dump collector that may record database passwords in plaintext to...

Medium: docker

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: docker Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon...

Medium: oci-add-hooks

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: oci-add-hooks Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about...

Medium: soci-snapshotter

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: soci-snapshotter Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more abo...

Medium: docker

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: docker Note: This advisory is applicable to Amazon Linux 2 - Nitro-enclaves Extra. Visit this page to learn more about...

Medium: runfinch-finch

Issue Overview: Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive information. CVE-2025-4673 Affected Packages: runfinch-finch Note: This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about...

Medium: docker

Issue Overview: Calling Verify with a VerifyOptions.KeyUsages that contains ExtKeyUsageAny unintentionally disabledpolicy validation. This only affected certificate chains which contain policy graphs, which are rather uncommon. CVE-2025-22874 Proxy-Authorization and Proxy-Authenticate headers...

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-066)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-066 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...

Amazon Linux 2 : docker (ALASDOCKER-2025-070)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-070 advisory. Proxy-Authorization and Proxy-Authenticate headers persisted on cross-origin redirects potentially leaking sensitive...

GHSA-PHHQ-63JG-FP7R Contrast vulnerability allows arbitrary host data Injection into container VOLUME mount points

Background The VOLUME directive in Dockerfiles, or the config.volumes field in OCI image descriptors, indicates filesystem paths "where the process is likely to write data". While these paths have special semantics in Docker, they are only hints in the OCI spec and are not treated specially by...