AZL-57374 CVE-2025-22869 affecting package docker-compose for versions less than 2.27.0-4

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

AZL-57362 CVE-2025-22869 affecting package docker-buildx for versions less than 0.14.0-4

SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted...

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-050)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-050 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims c...

Amazon Linux 2 : docker (ALASDOCKER-2025-051)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-051 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead ...

GHSA-7WRW-R4P8-38RX vulnerabilities

Vulnerabilities for packages: vt-cli, crossplane-provider-sql, crossplane-provider-azure, kube-bench, php-fpmexporter, haproxy-ingress, kwok, cadvisor, mockgen, litestream, openfga, scorecard, nri-prometheus, nri-rabbitmq, argo-rollouts, kube-rbac-proxy, velero-plugin-for-csi, grpc-health-probe,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: paranoia, ip-masq-agent, configmap-reload, vt-cli, kaf, crossplane-provider-azure, libnvidia-container, kube-bench, rekor, s5cmd, ctop, php-fpmexporter, influx, delve, thanos, frp, cadvisor, kubernetes-dns-node-cache, kwok, metacontroller, tfsec, jitsucom-bulker,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: paranoia, ip-masq-agent, configmap-reload, vt-cli, nuclei, dagger, aws-load-balancer-controller, kaf, crossplane-provider-azure, s5cmd, kube-bench, bazelisk, ctop, php-fpmexporter, influx, cni-plugins, delve, aws-flb-kinesis, haproxy-ingress, kwok, cadvisor,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: paranoia, ip-masq-agent, configmap-reload, vt-cli, nuclei, dagger, aws-load-balancer-controller, kaf, crossplane-provider-azure, s5cmd, kube-bench, bazelisk, ctop, php-fpmexporter, influx, cni-plugins, delve, aws-flb-kinesis, haproxy-ingress, kwok, cadvisor,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: flux, mage, speedtest-go, nfs-subdir-external-provisioner, datadog-agent-fips, kube-logging-logging-operator, kube-logging-operator, prometheus-mongodb-exporter-fips, clusterctl, kustomize, mongo-tools, gops, vertical-pod-autoscaler, docker-cli, kube-rbac-proxy, fq,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: flux, mage, speedtest-go, nfs-subdir-external-provisioner, datadog-agent-fips, kube-logging-logging-operator, kube-logging-operator, prometheus-mongodb-exporter-fips, clusterctl, kustomize, mongo-tools, gops, vertical-pod-autoscaler, docker-cli, kube-rbac-proxy, fq,...

Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

openSUSE Security Advisory (SUSE-SU-2024:4204-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2024:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

Low: docker

Issue Overview: golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors...

PT-2025-31369

Name of the Vulnerable Software and Affected Versions Moby versions prior to 28.0.0 Moby version 25.0.13 Description Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products...

CVE-2023-45288 affecting package docker-cli for versions less than 25.0.7-1

CVE-2023-45288 affecting package docker-cli for versions less than 25.0.7-1. An upgraded version of the package is available that resolves this issue...

Ubuntu: Security Advisory (USN-7161-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7161-2 Docker vulnerabilities

USN-7161-1 fixed CVE-2024-29018 in Ubuntu 24.04 LTS. This update fixes it for source package docker.io in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and source package docker.io-app for Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. USN-7161-1 fixed CVE-2024-41110 in Ubuntu 24.10, Ubuntu 24.04 LTS, and Ubuntu...