CVE-2024-45338 vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator, bank-vaults, loki, vcluster, wireguard-go, eksctl, flannel, opentelemetry-collector, step, cri-tools, malcontent, ip-masq-agent, opa-envoy, crossplane-provider-azure-managedidentity, tailscale, stakater-reloader, terragrunt,...

CVE-2024-45338 vulnerabilities

Vulnerabilities for packages: rabbitmq-cluster-operator-fips, cloud-provider-gcp-cloud-controller-manager-fips, zarf, istio-operator, amazon-cloudwatch-agent-operator, kyverno, authservice, wavefront-collector-for-kubernetes, prometheus-pushgateway-fips, mattermost, rancher-agent, kafka-proxy,...

PT-2024-36564 · Kanboard +1 · Kanboard +1

Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.43 Description: Kanboard is project management software that focuses on the Kanban methodology. In affected versions, sessions are still usable even though their lifetime has exceeded. Kanboard implements a cust...

OPENSUSE-SU-2024:14598-1 docker-stable-24.0.9_ce-6.1 on GA media

These are all security issues fixed in the docker-stable-24.0.9ce-6.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:14597-1 docker-27.4.1_ce-12.1 on GA media

These are all security issues fixed in the docker-27.4.1ce-12.1 package on the GA media of openSUSE Tumbleweed...

openSUSE Security Advisory (SUSE-SU-2024:4360-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2024:4360-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4360-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: -...

CVE-2024-36623 affecting package docker-cli for versions less than 25.0.3-3

CVE-2024-36623 affecting package docker-cli for versions less than 25.0.3-3. A patched version of the package is available...

SUSE-SU-2024:4360-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...

Ubuntu 18.04 LTS / 24.04 LTS : Docker vulnerabilities (USN-7161-1)

The remote Ubuntu 18.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7161-1 advisory. Yair Zak discovered that Docker could unexpectedly forward DNS requests from internal networks in an unexpected manner. An attacker could...

Ubuntu: Security Advisory (USN-7161-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : docker (SUSE-SU-2024:4319-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:4319-1 advisory. - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file...

USN-7161-1 Docker vulnerabilities

Yair Zak discovered that Docker could unexpectedly forward DNS requests from internal networks in an unexpected manner. An attacker could possibly use this issue to exfiltrate data by encoding information in DNS queries to controlled nameservers. This issue was only addressed for the source packa...

USN-7161-1: Docker vulnerabilities

Yair Zak discovered that Docker could unexpectedly forward DNS requests from internal networks in an unexpected manner. An attacker could possibly use this issue to exfiltrate data by encoding information in DNS queries to controlled nameservers. This issue was only addressed for the source packa...

CBL Mariner 2.0 Security Update: docker-cli / moby-cli / moby-compose / moby-engine (CVE-2024-36623)

The version of docker-cli / moby-cli / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36623 advisory. - moby through v25.0.3 has a Race Condition vulnerability in the...

Exploit for CVE-2024-38819

CVE-2024-38819: Proof of Concept PoC This is a proof of con...

Security update for docker

This update for docker fixes the following issues: Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker which...

SUSE-SU-2024:4319-1 Security update for docker

This update for docker fixes the following issues: - Update docker-buildx to v0.19.2. See upstream changelog online at . Some notable changelogs from the last update: - Add a new toggle file /etc/docker/suse-secrets-enable which allows users to disable the SUSEConnect integration with Docker whic...

OESA-2024-2557 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: moby v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or...

OESA-2024-2556 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: moby v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or...