GHSA-CQ8V-F236-94QC vulnerabilities

Vulnerabilities for packages: sdp-k8s-injector, zellij, efs-utils, hurl, ntpd-rs, wasmtime, deno, rav1e, sccache, vector, just, buck2, mdbook, cargo-audit, ruff, sqlx, nushell, rye, yara-x, wasmcloud, lychee, samply, zola, py3-xet-core, cargo-c, biome, zed, atuin, fish, pixi, parseable, starship,...

GHSA-CQ8V-F236-94QC vulnerabilities

Vulnerabilities for packages: rav1e, py3-xet-core, kdash, wasmcloud, shadowsocks-rust, efs-utils, nushell, vector, sdp-k8s-injector, cargo-c, zizmor, uutils, asciinema, zellij, watchexec, linkerd-network-validator, starship, hurl, xh, yazi, bootc, berg, virtiofsd, netavark, linkerd2-proxy, lychee...

EUVD-2026-19972

netavark has incorrect error handling for malformed tcp packets...

netavark has incorrect error handling for malformed tcp packets

Impact A truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. Patches https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1 Workarounds None Credits Thanks to @dkane01 for reporti...

GHSA-HFPQ-X728-986J netavark has incorrect error handling for malformed tcp packets

Impact A truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. Patches https://github.com/containers/aardvark-dns/commit/3b49ea7b38bdea134b7f03256f2e13f44ce73bb1 Workarounds None Credits Thanks to @dkane01 for reporti...

CVE-2026-25541 affecting package netavark for versions less than 1.10.3-7

CVE-2026-25541 affecting package netavark for versions less than 1.10.3-7. A patched version of the package is available...

container-tools:ol8 security update

aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah 2:1.33.14-2 - rebuild for CVE-2025-61729 - Resolves: RHEL-140529 cockpit-podman 84.1-1 - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1 - Related: Jira:RHEL-25557 conmon...

AZL-76703 CVE-2026-25541 affecting package netavark 1.10.3-5

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

container-tools:rhel8 security update

aardvark-dns 2:1.10.1-2 - build off the RHEL maintenance branch - Resolves: RHEL-59129 buildah 2:1.33.14-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 https://github.com/containers/buildah/commit/a7f8179 - fixes 'CVE-2025-47913...

TencentOS Server 4: netavark (TSSA-2025:0782)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0782 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

EUVD-2025-22934

Malicious code in bioql PyPI...

ROS-20250829-04

A vulnerability in a network stack designed to manage Netavark container networks is related to the removal of the of the dns.podman search domain. Exploitation of the vulnerability could allow an attacker acting remotely, gain access to sensitive information...

Linux Distros Unpatched Vulnerability : CVE-2025-8283

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may...

SUSE CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

Netavark Has Possible DNS Resolve Confusion

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

GHSA-RPCF-RMH6-42XR Netavark Has Possible DNS Resolve Confusion

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

UBUNTU-CVE-2025-8283

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be us...

CVE-2025-8283

CVE-2025-8283 affects the netavark component used with Podman for container networking. Due to removal of the dns.podman search domain, netavark may reveal external servers when a valid A/AAAA record is answered, causing a container whose name matches a domain hostname to resolve to external host...