rpm package
suse/docker&distro=SUSE Linux Enterprise Module for Basesystem 15 SP7
pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-58181 | — | < 28.5.1_ce-150000.241.2 | 28.5.1_ce-150000.241.2 | Nov 19, 2025 | SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption. | ||
| CVE-2025-54388 | — | < 28.3.3_ce-150000.230.1 | 28.3.3_ce-150000.230.1 | Jul 30, 2025 | Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables | ||
| CVE-2025-22872 | Med | 6.5 | < 28.2.2_ce-150000.227.1 | 28.2.2_ce-150000.227.1 | Apr 16, 2025 | The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can resul | |
| CVE-2025-0495 | Med | — | < 28.2.2_ce-150000.227.1 | 28.2.2_ce-150000.227.1 | Mar 17, 2025 | Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured i |
- CVE-2025-58181Nov 19, 2025affected < 28.5.1_ce-150000.241.2fixed 28.5.1_ce-150000.241.2
SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.
- CVE-2025-54388Jul 30, 2025affected < 28.3.3_ce-150000.230.1fixed 28.3.3_ce-150000.230.1
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables
- affected < 28.2.2_ce-150000.227.1fixed 28.2.2_ce-150000.227.1
The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can resul
- affected < 28.2.2_ce-150000.227.1fixed 28.2.2_ce-150000.227.1
Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured i