5 matches found
SUSE-SU-2026:2120-1 Security update for docker-stable
This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages that cause files to be written outside of the BuildKit state directory bsc1260967. - CVE-2026-33748: github.com/moby/buildkit: insufficient validation of...
SUSE-SU-2026:21851-1 Security update for docker-stable
This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages that cause files to be written outside of the BuildKit state directory bsc1260967. - CVE-2026-33748: github.com/moby/buildkit: insufficient validation of...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Docker vulnerabilities (USN-8230-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8230-1 advisory. It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing...
Security Bulletin: IBM Watsonx BI is affected by a vulnerability found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic.
Summary Watsonx BI has a vulnerability found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity...
CVE-2025-8262
A flaw was found in yarnpkg/yarn. The explodeHostedGitFragment function in src/resolvers/exotics/hosted-git-resolver.js is susceptible to a resource exhaustion condition due to inefficient regular expression processing. This vulnerability allows a network attacker to provide a crafted Git fragmen...