Test ID:	1.3.6.1.4.1.25623.1.1.18.2.2025.0226.1
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2025:0226-1)
Summary:	The remote host is missing an update for the 'docker-stable' package(s) announced via the SUSE-SU-2025:0226-1 advisory.
Description:	Summary: The remote host is missing an update for the 'docker-stable' package(s) announced via the SUSE-SU-2025:0226-1 advisory. Vulnerability Insight: This update for docker-stable fixes the following issues: - CVE-2024-29018: Fixed external DNS request handling from 'internal' networks that could have led to data exfiltration (bsc#1234089). - CVE-2024-23650: Fixed possibile BuildKit daemon crash via malicious BuildKit client or frontend request (bsc#1219437). Affected Software/OS: 'docker-stable' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-23650 https://github.com/moby/buildkit/pull/4601 https://github.com/moby/buildkit/releases/tag/v0.12.5 https://github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hx Common Vulnerability Exposure (CVE) ID: CVE-2024-23653 https://github.com/moby/buildkit/pull/4602 https://github.com/moby/buildkit/security/advisories/GHSA-wr6v-9f75-vh2g Common Vulnerability Exposure (CVE) ID: CVE-2024-29018 https://github.com/moby/moby/pull/46609 https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx Common Vulnerability Exposure (CVE) ID: CVE-2024-41110
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.