Lucene search
K

5 matches found

OSV
OSV
added 2026/05/29 3:36 p.m.5 views

SUSE-SU-2026:2120-1 Security update for docker-stable

This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages that cause files to be written outside of the BuildKit state directory bsc1260967. - CVE-2026-33748: github.com/moby/buildkit: insufficient validation of...

9.8CVSS7AI score0.00498EPSS
Exploits0References5
OSV
OSV
added 2026/05/26 12:29 p.m.6 views

SUSE-SU-2026:21851-1 Security update for docker-stable

This update for docker-stable fixes the following issues - CVE-2026-33747: github.com/moby/buildkit: malicious frontends can craft API messages that cause files to be written outside of the BuildKit state directory bsc1260967. - CVE-2026-33748: github.com/moby/buildkit: insufficient validation of...

9.8CVSS7AI score0.00498EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/08 12:0 a.m.17 views

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS : Docker vulnerabilities (USN-8230-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8230-1 advisory. It was discovered that BuildKit, contained within Docker, incorrectly handled file path validation when processing...

9.8CVSS5.9AI score0.00498EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/09/17 5:19 p.m.8 views

Security Bulletin: IBM Watsonx BI is affected by a vulnerability found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic.

Summary Watsonx BI has a vulnerability found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity...

7.5CVSS6.3AI score0.007EPSS
Exploits1Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/28 10:30 a.m.5 views

CVE-2025-8262

A flaw was found in yarnpkg/yarn. The explodeHostedGitFragment function in src/resolvers/exotics/hosted-git-resolver.js is susceptible to a resource exhaustion condition due to inefficient regular expression processing. This vulnerability allows a network attacker to provide a crafted Git fragmen...

7.5CVSS4.3AI score0.007EPSS
Exploits1References2
Rows per page
Query Builder