rpm package
suse/docker-stable&distro=SUSE Linux Enterprise Server for SAP Applications 15 SP6
pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34040 | Hig | 8.8 | < 24.0.9_ce-150000.1.45.1 | 24.0.9_ce-150000.1.45.1 | Mar 31, 2026 | Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1. | |
| CVE-2026-33997 | Med | 6.8 | < 24.0.9_ce-150000.1.45.1 | 24.0.9_ce-150000.1.45.1 | Mar 31, 2026 | Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorre | |
| CVE-2025-30204 | Hig | 7.5 | < 24.0.9_ce-150000.1.36.1 | 24.0.9_ce-150000.1.36.1 | Mar 21, 2025 | golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a maliciou |
- affected < 24.0.9_ce-150000.1.45.1fixed 24.0.9_ce-150000.1.45.1
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
- affected < 24.0.9_ce-150000.1.45.1fixed 24.0.9_ce-150000.1.45.1
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorre
- affected < 24.0.9_ce-150000.1.36.1fixed 24.0.9_ce-150000.1.36.1
golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits (via a call to strings.Split) its argument (which is untrusted data) on periods. As a result, in the face of a maliciou