Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-54388 (GCVE-0-2025-54388)
Vulnerability from cvelistv5 – Published: 2025-07-30 13:24 – Updated: 2025-07-30 13:38
VLAI
EPSS
Title
Moby's Firewalld reload makes published container ports accessible from remote hosts
Summary
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.
Severity
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-909 - Missing Initialization of Resource
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/moby/moby/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/moby/moby/pull/50506 | x_refsource_MISC |
| https://github.com/moby/moby/commit/bea959c7b793b… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54388",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-30T13:36:54.503462Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T13:38:07.559Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "moby",
"vendor": "moby",
"versions": [
{
"status": "affected",
"version": "\u003e= 28.2.0, \u003c 28.3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "ADJACENT",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-909",
"description": "CWE-909: Missing Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-30T13:24:06.849Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4"
},
{
"name": "https://github.com/moby/moby/pull/50506",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/moby/moby/pull/50506"
},
{
"name": "https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0"
}
],
"source": {
"advisory": "GHSA-x4rx-4gw3-53p4",
"discovery": "UNKNOWN"
},
"title": "Moby\u0027s Firewalld reload makes published container ports accessible from remote hosts"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-54388",
"datePublished": "2025-07-30T13:24:06.849Z",
"dateReserved": "2025-07-21T16:12:20.734Z",
"dateUpdated": "2025-07-30T13:38:07.559Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-54388",
"date": "2026-06-04",
"epss": "0.00033",
"percentile": "0.10224"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-54388\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-07-30T14:15:28.693\",\"lastModified\":\"2025-09-08T16:34:31.630\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.\"},{\"lang\":\"es\",\"value\":\"Moby es un framework de contenedores de c\u00f3digo abierto desarrollado por Docker Inc. y distribuido como Docker Engine, Mirantis Container Runtime y otros proyectos/productos derivados. En las versiones 28.2.0 a 28.3.2, al recargar el servicio firewalld, se eliminan todas las reglas de iptables, incluidas las creadas por Docker. Si bien Docker deber\u00eda recrear estas reglas autom\u00e1ticamente, las versiones anteriores a la 28.3.3 no recrean las reglas espec\u00edficas que bloquean el acceso externo a los contenedores. Esto significa que, tras recargar firewalld, los contenedores con puertos publicados en localhost (como 127.0.0.1:8080) se vuelven accesibles desde equipos remotos con enrutamiento de red al puente Docker, aunque solo deber\u00edan ser accesibles desde el propio host. La vulnerabilidad solo afecta a los puertos publicados expl\u00edcitamente; los puertos no publicados permanecen protegidos. Este problema se solucion\u00f3 en la versi\u00f3n 28.3.3.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"PASSIVE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"LOW\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":4.6,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.1,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-909\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"28.2.0\",\"versionEndExcluding\":\"28.3.3\",\"matchCriteriaId\":\"C900AA7A-0411-4DB8-897A-42A567D2F928\"}]}]}],\"references\":[{\"url\":\"https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/moby/moby/pull/50506\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54388\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-30T13:36:54.503462Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-30T13:38:00.757Z\"}}], \"cna\": {\"title\": \"Moby\u0027s Firewalld reload makes published container ports accessible from remote hosts\", \"source\": {\"advisory\": \"GHSA-x4rx-4gw3-53p4\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.1, \"attackVector\": \"ADJACENT\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N\", \"userInteraction\": \"PASSIVE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"NONE\", \"subIntegrityImpact\": \"LOW\", \"vulnIntegrityImpact\": \"LOW\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"vulnConfidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"moby\", \"product\": \"moby\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 28.2.0, \u003c 28.3.3\"}]}], \"references\": [{\"url\": \"https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4\", \"name\": \"https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/moby/moby/pull/50506\", \"name\": \"https://github.com/moby/moby/pull/50506\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0\", \"name\": \"https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-909\", \"description\": \"CWE-909: Missing Initialization of Resource\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-07-30T13:24:06.849Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54388\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-30T13:38:07.559Z\", \"dateReserved\": \"2025-07-21T16:12:20.734Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-07-30T13:24:06.849Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
SUSE-SU-2025:02913-1
Vulnerability from csaf_suse - Published: 2025-08-19 12:52 - Updated: 2025-08-19 12:52Summary
Security update for docker
Severity
Moderate
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues:
- Update to Docker 28.3.3-ce.
- CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367)
Patchnames: SUSE-2025-2913,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2913,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2913
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.2 (Medium)
Affected products
Recommended
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.3.3_ce-98.137.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.3.3_ce-98.137.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.3.3_ce-98.137.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\n- Update to Docker 28.3.3-ce.\n- CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2913,SUSE-SLE-SERVER-12-SP5-LTSS-2025-2913,SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2025-2913",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02913-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02913-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502913-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02913-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041293.html"
},
{
"category": "self",
"summary": "SUSE Bug 1246556",
"url": "https://bugzilla.suse.com/1246556"
},
{
"category": "self",
"summary": "SUSE Bug 1247367",
"url": "https://bugzilla.suse.com/1247367"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-08-19T12:52:43Z",
"generator": {
"date": "2025-08-19T12:52:43Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02913-1",
"initial_release_date": "2025-08-19T12:52:43Z",
"revision_history": [
{
"date": "2025-08-19T12:52:43Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-98.137.1.aarch64",
"product": {
"name": "docker-28.3.3_ce-98.137.1.aarch64",
"product_id": "docker-28.3.3_ce-98.137.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-98.137.1.i586",
"product": {
"name": "docker-28.3.3_ce-98.137.1.i586",
"product_id": "docker-28.3.3_ce-98.137.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"product": {
"name": "docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"product_id": "docker-bash-completion-28.3.3_ce-98.137.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.3.3_ce-98.137.1.noarch",
"product": {
"name": "docker-fish-completion-28.3.3_ce-98.137.1.noarch",
"product_id": "docker-fish-completion-28.3.3_ce-98.137.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.3.3_ce-98.137.1.noarch",
"product": {
"name": "docker-rootless-extras-28.3.3_ce-98.137.1.noarch",
"product_id": "docker-rootless-extras-28.3.3_ce-98.137.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.3.3_ce-98.137.1.noarch",
"product": {
"name": "docker-zsh-completion-28.3.3_ce-98.137.1.noarch",
"product_id": "docker-zsh-completion-28.3.3_ce-98.137.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-98.137.1.ppc64le",
"product": {
"name": "docker-28.3.3_ce-98.137.1.ppc64le",
"product_id": "docker-28.3.3_ce-98.137.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-98.137.1.s390x",
"product": {
"name": "docker-28.3.3_ce-98.137.1.s390x",
"product_id": "docker-28.3.3_ce-98.137.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-98.137.1.x86_64",
"product": {
"name": "docker-28.3.3_ce-98.137.1.x86_64",
"product_id": "docker-28.3.3_ce-98.137.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss-extended-security:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-98.137.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-98.137.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-98.137.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-98.137.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-98.137.1.s390x as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.s390x"
},
"product_reference": "docker-28.3.3_ce-98.137.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-98.137.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-98.137.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-98.137.1.noarch as component of SUSE Linux Enterprise Server 12 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.3.3_ce-98.137.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-98.137.1.x86_64 as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.3.3_ce-98.137.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-98.137.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-98.137.1.noarch as component of SUSE Linux Enterprise Server LTSS Extended Security 12 SP5",
"product_id": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.3.3_ce-98.137.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server LTSS Extended Security 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.3.3_ce-98.137.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.3.3_ce-98.137.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.3.3_ce-98.137.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.3.3_ce-98.137.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.s390x",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-28.3.3_ce-98.137.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5-LTSS:docker-bash-completion-28.3.3_ce-98.137.1.noarch",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-28.3.3_ce-98.137.1.x86_64",
"SUSE Linux Enterprise Server LTSS Extended Security 12 SP5:docker-bash-completion-28.3.3_ce-98.137.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-19T12:52:43Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
}
]
}
SUSE-SU-2025:02914-1
Vulnerability from csaf_suse - Published: 2025-08-19 12:54 - Updated: 2025-08-19 12:54Summary
Security update for docker
Severity
Moderate
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues:
- Update to Docker 28.3.3-ce.
- CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367)
Patchnames: SUSE-2025-2914,SUSE-SLE-Micro-5.3-2025-2914,SUSE-SLE-Micro-5.4-2025-2914,SUSE-SLE-Micro-5.5-2025-2914,SUSE-SLE-Module-Basesystem-15-SP7-2025-2914,SUSE-SLE-Module-Containers-15-SP6-2025-2914,SUSE-SLE-Module-Containers-15-SP7-2025-2914,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2914,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2914,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2914,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2914,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2914,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2914,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2914,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2914,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2914,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2914,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2914,SUSE-SUSE-MicroOS-5.1-2025-2914,SUSE-SUSE-MicroOS-5.2-2025-2914,SUSE-Storage-7.1-2025-2914,openSUSE-SLE-15.6-2025-2914
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.2 (Medium)
Affected products
Recommended
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Enterprise Storage 7.1:docker-fish-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP7:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-fish-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\n- Update to Docker 28.3.3-ce.\n- CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. (bsc#1247367)\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-2914,SUSE-SLE-Micro-5.3-2025-2914,SUSE-SLE-Micro-5.4-2025-2914,SUSE-SLE-Micro-5.5-2025-2914,SUSE-SLE-Module-Basesystem-15-SP7-2025-2914,SUSE-SLE-Module-Containers-15-SP6-2025-2914,SUSE-SLE-Module-Containers-15-SP7-2025-2914,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-2914,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-2914,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-2914,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-2914,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-2914,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-2914,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-2914,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-2914,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-2914,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-2914,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-2914,SUSE-SUSE-MicroOS-5.1-2025-2914,SUSE-SUSE-MicroOS-5.2-2025-2914,SUSE-Storage-7.1-2025-2914,openSUSE-SLE-15.6-2025-2914",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_02914-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:02914-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202502914-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:02914-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-August/041292.html"
},
{
"category": "self",
"summary": "SUSE Bug 1246556",
"url": "https://bugzilla.suse.com/1246556"
},
{
"category": "self",
"summary": "SUSE Bug 1247367",
"url": "https://bugzilla.suse.com/1247367"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-08-19T12:54:57Z",
"generator": {
"date": "2025-08-19T12:54:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:02914-1",
"initial_release_date": "2025-08-19T12:54:57Z",
"revision_history": [
{
"date": "2025-08-19T12:54:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-150000.230.1.aarch64",
"product": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64",
"product_id": "docker-28.3.3_ce-150000.230.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-150000.230.1.i586",
"product": {
"name": "docker-28.3.3_ce-150000.230.1.i586",
"product_id": "docker-28.3.3_ce-150000.230.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"product": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"product_id": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"product": {
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"product_id": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"product": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"product_id": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"product": {
"name": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"product_id": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-150000.230.1.ppc64le",
"product": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le",
"product_id": "docker-28.3.3_ce-150000.230.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-150000.230.1.s390x",
"product": {
"name": "docker-28.3.3_ce-150000.230.1.s390x",
"product_id": "docker-28.3.3_ce-150000.230.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-150000.230.1.x86_64",
"product": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64",
"product_id": "docker-28.3.3_ce-150000.230.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP7:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:docker-fish-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.ppc64le"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.s390x"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-150000.230.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-150000.230.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-fish-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
},
"product_reference": "docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.aarch64",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.ppc64le",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.s390x",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.aarch64",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.ppc64le",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.s390x",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Enterprise Storage 7.1:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Enterprise Storage 7.1:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Enterprise Storage 7.1:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.1:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.2:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.3:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.4:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Micro 5.5:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP7:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP3-LTSS:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP4-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-28.3.3_ce-150000.230.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.aarch64",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.ppc64le",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.s390x",
"openSUSE Leap 15.6:docker-28.3.3_ce-150000.230.1.x86_64",
"openSUSE Leap 15.6:docker-bash-completion-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-fish-completion-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-rootless-extras-28.3.3_ce-150000.230.1.noarch",
"openSUSE Leap 15.6:docker-zsh-completion-28.3.3_ce-150000.230.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-19T12:54:57Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
}
]
}
SUSE-SU-2025:20565-1
Vulnerability from csaf_suse - Published: 2025-08-21 08:01 - Updated: 2025-08-21 08:01Summary
Security update for docker
Severity
Moderate
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues:
- Update to Docker 28.3.3-ce:
* CVE-2025-54388: firewalld reload can make published container
ports accessible from remote hosts (bsc#1247367)
- Update to docker-buildx v0.26.1.
Patchnames: SUSE-SLE-Micro-6.0-430
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.2 (Medium)
Affected products
Recommended
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\n- Update to Docker 28.3.3-ce: \n * CVE-2025-54388: firewalld reload can make published container \n ports accessible from remote hosts (bsc#1247367)\n\n- Update to docker-buildx v0.26.1.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-430",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20565-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20565-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520565-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20565-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022314.html"
},
{
"category": "self",
"summary": "SUSE Bug 1247367",
"url": "https://bugzilla.suse.com/1247367"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-08-21T08:01:27Z",
"generator": {
"date": "2025-08-21T08:01:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20565-1",
"initial_release_date": "2025-08-21T08:01:27Z",
"revision_history": [
{
"date": "2025-08-21T08:01:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-6.1.aarch64",
"product": {
"name": "docker-28.3.3_ce-6.1.aarch64",
"product_id": "docker-28.3.3_ce-6.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.26.1-6.1.aarch64",
"product": {
"name": "docker-buildx-0.26.1-6.1.aarch64",
"product_id": "docker-buildx-0.26.1-6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-6.1.s390x",
"product": {
"name": "docker-28.3.3_ce-6.1.s390x",
"product_id": "docker-28.3.3_ce-6.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.26.1-6.1.s390x",
"product": {
"name": "docker-buildx-0.26.1-6.1.s390x",
"product_id": "docker-buildx-0.26.1-6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.3.3_ce-6.1.x86_64",
"product": {
"name": "docker-28.3.3_ce-6.1.x86_64",
"product_id": "docker-28.3.3_ce-6.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.26.1-6.1.x86_64",
"product": {
"name": "docker-buildx-0.26.1-6.1.x86_64",
"product_id": "docker-buildx-0.26.1-6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.aarch64"
},
"product_reference": "docker-28.3.3_ce-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.s390x"
},
"product_reference": "docker-28.3.3_ce-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.3.3_ce-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.x86_64"
},
"product_reference": "docker-28.3.3_ce-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.26.1-6.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.aarch64"
},
"product_reference": "docker-buildx-0.26.1-6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.26.1-6.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.s390x"
},
"product_reference": "docker-buildx-0.26.1-6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.26.1-6.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.x86_64"
},
"product_reference": "docker-buildx-0.26.1-6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.aarch64",
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.s390x",
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.x86_64",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.aarch64",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.s390x",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.aarch64",
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.s390x",
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.x86_64",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.aarch64",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.s390x",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.aarch64",
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.s390x",
"SUSE Linux Micro 6.0:docker-28.3.3_ce-6.1.x86_64",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.aarch64",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.s390x",
"SUSE Linux Micro 6.0:docker-buildx-0.26.1-6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-08-21T08:01:27Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
}
]
}
SUSE-SU-2025:20743-1
Vulnerability from csaf_suse - Published: 2025-09-10 16:09 - Updated: 2025-09-10 16:09Summary
Security update for docker
Severity
Moderate
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues:
Update to docker-buildx v0.28.0.
See upstream changelog: <https://github.com/docker/buildx/releases/tag/v0.28.0>
Update to Docker 28.4.0-ce.
See upstream changelog: <https://docs.docker.com/engine/release-notes/28/#2840>
- Update warnings and errors related to "docker buildx ..." so that they
reference our openSUSE docker-buildx packages.
- Enable building docker-buildx for SLE15 systems with SUSEConnect secret
injection enabled.jsc#PED-12534jsc#PED-8905 bsc#1247594
As docker-buildx does not support our SUSEConnect secret injection (and some
users depend "docker build" working transparently), patch the docker CLI so
that "docker build" will no longer automatically call "docker buildx build",
effectively making DOCKER_BUILDKIT=0 the default configuration. Users can
manually use "docker buildx ..." commands or set DOCKER_BUILDKIT=1 in order
to opt-in to using docker-buildx.
Users can silence the "docker build" warning by setting DOCKER_BUILDKIT=0
explicitly.
In order to inject SCC credentials with docker-buildx, users should use
RUN --mount=type=secret,id=SCCcredentials zypper -n ...
in their Dockerfiles, and
docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
when doing their builds.
Update to Docker 28.3.3-ce. See upstream changelog online at <https://docs.docker.com/engine/release-notes/28/#2833>
Security issue fixed:
- CVE-2025-54388: firewalld reload can make published container ports accessible from remote hosts (bsc#1247367)
Update to docker-buildx v0.26.1. Upstream changelog: <https://github.com/docker/buildx/releases/tag/v0.26.1>
Update to docker-buildx v0.26.0. Upstream changelog: <https://github.com/docker/buildx/releases/tag/v0.26.0>
Patchnames: SUSE-SLE-Micro-6.1-257
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.2 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nUpdate to docker-buildx v0.28.0.\n\nSee upstream changelog: \u003chttps://github.com/docker/buildx/releases/tag/v0.28.0\u003e\n\nUpdate to Docker 28.4.0-ce.\n\nSee upstream changelog: \u003chttps://docs.docker.com/engine/release-notes/28/#2840\u003e\n\n- Update warnings and errors related to \"docker buildx ...\" so that they\n reference our openSUSE docker-buildx packages.\n\n- Enable building docker-buildx for SLE15 systems with SUSEConnect secret\n injection enabled.jsc#PED-12534jsc#PED-8905 bsc#1247594\n\n As docker-buildx does not support our SUSEConnect secret injection (and some\n users depend \"docker build\" working transparently), patch the docker CLI so\n that \"docker build\" will no longer automatically call \"docker buildx build\",\n effectively making DOCKER_BUILDKIT=0 the default configuration. Users can\n manually use \"docker buildx ...\" commands or set DOCKER_BUILDKIT=1 in order\n to opt-in to using docker-buildx.\n\n Users can silence the \"docker build\" warning by setting DOCKER_BUILDKIT=0\n explicitly.\n\n In order to inject SCC credentials with docker-buildx, users should use\n\n RUN --mount=type=secret,id=SCCcredentials zypper -n ...\n\n in their Dockerfiles, and\n\n docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .\n\n when doing their builds.\n\nUpdate to Docker 28.3.3-ce. See upstream changelog online at \u003chttps://docs.docker.com/engine/release-notes/28/#2833\u003e\n\nSecurity issue fixed:\n\n- CVE-2025-54388: firewalld reload can make published container ports accessible from remote hosts (bsc#1247367)\n\nUpdate to docker-buildx v0.26.1. Upstream changelog: \u003chttps://github.com/docker/buildx/releases/tag/v0.26.1\u003e\n\nUpdate to docker-buildx v0.26.0. Upstream changelog: \u003chttps://github.com/docker/buildx/releases/tag/v0.26.0\u003e\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-257",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20743-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20743-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520743-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20743-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-September/041897.html"
},
{
"category": "self",
"summary": "SUSE Bug 1247367",
"url": "https://bugzilla.suse.com/1247367"
},
{
"category": "self",
"summary": "SUSE Bug 1247594",
"url": "https://bugzilla.suse.com/1247594"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2025-09-10T16:09:16Z",
"generator": {
"date": "2025-09-10T16:09:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20743-1",
"initial_release_date": "2025-09-10T16:09:16Z",
"revision_history": [
{
"date": "2025-09-10T16:09:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.4.0_ce-slfo.1.1_6.1.aarch64",
"product": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.aarch64",
"product_id": "docker-28.4.0_ce-slfo.1.1_6.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.aarch64",
"product": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.aarch64",
"product_id": "docker-buildx-0.28.0-slfo.1.1_6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.4.0_ce-slfo.1.1_6.1.ppc64le",
"product": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.ppc64le",
"product_id": "docker-28.4.0_ce-slfo.1.1_6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le",
"product": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le",
"product_id": "docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.4.0_ce-slfo.1.1_6.1.s390x",
"product": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.s390x",
"product_id": "docker-28.4.0_ce-slfo.1.1_6.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.s390x",
"product": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.s390x",
"product_id": "docker-buildx-0.28.0-slfo.1.1_6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.4.0_ce-slfo.1.1_6.1.x86_64",
"product": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.x86_64",
"product_id": "docker-28.4.0_ce-slfo.1.1_6.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.x86_64",
"product": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.x86_64",
"product_id": "docker-buildx-0.28.0-slfo.1.1_6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.aarch64"
},
"product_reference": "docker-28.4.0_ce-slfo.1.1_6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.ppc64le"
},
"product_reference": "docker-28.4.0_ce-slfo.1.1_6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.s390x"
},
"product_reference": "docker-28.4.0_ce-slfo.1.1_6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.4.0_ce-slfo.1.1_6.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.x86_64"
},
"product_reference": "docker-28.4.0_ce-slfo.1.1_6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.aarch64"
},
"product_reference": "docker-buildx-0.28.0-slfo.1.1_6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le"
},
"product_reference": "docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.s390x"
},
"product_reference": "docker-buildx-0.28.0-slfo.1.1_6.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.28.0-slfo.1.1_6.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.x86_64"
},
"product_reference": "docker-buildx-0.28.0-slfo.1.1_6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:docker-28.4.0_ce-slfo.1.1_6.1.x86_64",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.aarch64",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.ppc64le",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.s390x",
"SUSE Linux Micro 6.1:docker-buildx-0.28.0-slfo.1.1_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-09-10T16:09:16Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
}
]
}
SUSE-SU-2026:20095-1
Vulnerability from csaf_suse - Published: 2026-01-17 13:20 - Updated: 2026-01-17 13:20Summary
Security update for docker
Severity
Critical
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues:
Changes in docker:
- Update to Docker 28.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2851>
- Update to Docker 28.5.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2850>
- Update to docker-buildx v0.29.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.29.0>
- Remove git-core recommends on SLE. Most SLE systems have
installRecommends=yes by default and thus end up installing git with Docker.
bsc#1250508
This feature is mostly intended for developers ("docker build git://") so
most users already have the dependency installed, and the error when git is
missing is fairly straightforward (so they can easily figure out what they
need to install).
- Update to docker-buildx v0.28.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.28.0>
- Update to Docker 28.4.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2840>
* Fixes a nil pointer panic in "docker push". bsc#1248373
- Update warnings and errors related to "docker buildx ..." so that they
reference our openSUSE docker-buildx packages.
- Enable building docker-buildx for SLE15 systems with SUSEConnect secret
injection enabled. PED-12534 PED-8905 bsc#1247594
As docker-buildx does not support our SUSEConnect secret injection (and some
users depend "docker build" working transparently), patch the docker CLI so
that "docker build" will no longer automatically call "docker buildx build",
effectively making DOCKER_BUILDKIT=0 the default configuration. Users can
manually use "docker buildx ..." commands or set DOCKER_BUILDKIT=1 in order
to opt-in to using docker-buildx.
Users can silence the "docker build" warning by setting DOCKER_BUILDKIT=0
explicitly.
In order to inject SCC credentials with docker-buildx, users should use
RUN --mount=type=secret,id=SCCcredentials zypper -n ...
in their Dockerfiles, and
docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
when doing their builds.
- Update to Docker 28.3.3-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2833>
CVE-2025-54388 bsc#1247367
- Update to docker-buildx v0.26.1. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.1>
- Update to docker-buildx v0.26.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.0>
Patchnames: SUSE-SLES-16.0-151
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.2 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nChanges in docker:\n\n- Update to Docker 28.5.1-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2851\u003e\n\n- Update to Docker 28.5.0-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2850\u003e\n\n- Update to docker-buildx v0.29.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.29.0\u003e\n\n- Remove git-core recommends on SLE. Most SLE systems have\n installRecommends=yes by default and thus end up installing git with Docker.\n bsc#1250508\n\n This feature is mostly intended for developers (\"docker build git://\") so\n most users already have the dependency installed, and the error when git is\n missing is fairly straightforward (so they can easily figure out what they\n need to install).\n\n- Update to docker-buildx v0.28.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.28.0\u003e\n\n- Update to Docker 28.4.0-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2840\u003e\n * Fixes a nil pointer panic in \"docker push\". bsc#1248373\n\n- Update warnings and errors related to \"docker buildx ...\" so that they\n reference our openSUSE docker-buildx packages.\n\n- Enable building docker-buildx for SLE15 systems with SUSEConnect secret\n injection enabled. PED-12534 PED-8905 bsc#1247594\n\n As docker-buildx does not support our SUSEConnect secret injection (and some\n users depend \"docker build\" working transparently), patch the docker CLI so\n that \"docker build\" will no longer automatically call \"docker buildx build\",\n effectively making DOCKER_BUILDKIT=0 the default configuration. Users can\n manually use \"docker buildx ...\" commands or set DOCKER_BUILDKIT=1 in order\n to opt-in to using docker-buildx.\n\n Users can silence the \"docker build\" warning by setting DOCKER_BUILDKIT=0\n explicitly.\n\n In order to inject SCC credentials with docker-buildx, users should use\n\n RUN --mount=type=secret,id=SCCcredentials zypper -n ...\n\n in their Dockerfiles, and\n\n docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .\n\n when doing their builds.\n\n- Update to Docker 28.3.3-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2833\u003e\n CVE-2025-54388 bsc#1247367\n\n- Update to docker-buildx v0.26.1. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.26.1\u003e\n\n- Update to docker-buildx v0.26.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.26.0\u003e\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-151",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20095-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20095-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620095-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20095-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023886.html"
},
{
"category": "self",
"summary": "SUSE Bug 1247367",
"url": "https://bugzilla.suse.com/1247367"
},
{
"category": "self",
"summary": "SUSE Bug 1247594",
"url": "https://bugzilla.suse.com/1247594"
},
{
"category": "self",
"summary": "SUSE Bug 1248373",
"url": "https://bugzilla.suse.com/1248373"
},
{
"category": "self",
"summary": "SUSE Bug 1250508",
"url": "https://bugzilla.suse.com/1250508"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2026-01-17T13:20:31Z",
"generator": {
"date": "2026-01-17T13:20:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20095-1",
"initial_release_date": "2026-01-17T13:20:31Z",
"revision_history": [
{
"date": "2026-01-17T13:20:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.aarch64",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.aarch64",
"product_id": "docker-28.5.1_ce-160000.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.aarch64",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.aarch64",
"product_id": "docker-buildx-0.29.0-160000.4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"product": {
"name": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"product_id": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"product": {
"name": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"product_id": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"product": {
"name": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"product_id": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch"
}
},
{
"category": "product_version",
"name": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"product": {
"name": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"product_id": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.ppc64le",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.ppc64le",
"product_id": "docker-28.5.1_ce-160000.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"product_id": "docker-buildx-0.29.0-160000.4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.s390x",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.s390x",
"product_id": "docker-28.5.1_ce-160000.4.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.s390x",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.s390x",
"product_id": "docker-buildx-0.29.0-160000.4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.x86_64",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.x86_64",
"product_id": "docker-28.5.1_ce-160000.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.x86_64",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.x86_64",
"product_id": "docker-buildx-0.29.0-160000.4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16.0"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.aarch64"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.ppc64le"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.s390x"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.x86_64"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.aarch64"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.s390x"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.x86_64"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.aarch64"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.ppc64le"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.s390x"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.x86_64"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.aarch64"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.s390x"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.x86_64"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch"
},
"product_reference": "docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Enterprise Server 16.0:docker-buildx-0.29.0-160000.4.1.x86_64",
"SUSE Linux Enterprise Server 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-bash-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-buildx-0.29.0-160000.4.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-fish-completion-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-rootless-extras-28.5.1_ce-160000.4.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:docker-zsh-completion-28.5.1_ce-160000.4.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-17T13:20:31Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
}
]
}
SUSE-SU-2026:20112-1
Vulnerability from csaf_suse - Published: 2026-01-17 13:20 - Updated: 2026-01-17 13:20Summary
Security update for docker
Severity
Critical
Notes
Title of the patch: Security update for docker
Description of the patch: This update for docker fixes the following issues:
Changes in docker:
- Update to Docker 28.5.1-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2851>
- Update to Docker 28.5.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2850>
- Update to docker-buildx v0.29.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.29.0>
- Remove git-core recommends on SLE. Most SLE systems have
installRecommends=yes by default and thus end up installing git with Docker.
bsc#1250508
This feature is mostly intended for developers ("docker build git://") so
most users already have the dependency installed, and the error when git is
missing is fairly straightforward (so they can easily figure out what they
need to install).
- Update to docker-buildx v0.28.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.28.0>
- Update to Docker 28.4.0-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2840>
* Fixes a nil pointer panic in "docker push". bsc#1248373
- Update warnings and errors related to "docker buildx ..." so that they
reference our openSUSE docker-buildx packages.
- Enable building docker-buildx for SLE15 systems with SUSEConnect secret
injection enabled. PED-12534 PED-8905 bsc#1247594
As docker-buildx does not support our SUSEConnect secret injection (and some
users depend "docker build" working transparently), patch the docker CLI so
that "docker build" will no longer automatically call "docker buildx build",
effectively making DOCKER_BUILDKIT=0 the default configuration. Users can
manually use "docker buildx ..." commands or set DOCKER_BUILDKIT=1 in order
to opt-in to using docker-buildx.
Users can silence the "docker build" warning by setting DOCKER_BUILDKIT=0
explicitly.
In order to inject SCC credentials with docker-buildx, users should use
RUN --mount=type=secret,id=SCCcredentials zypper -n ...
in their Dockerfiles, and
docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .
when doing their builds.
- Update to Docker 28.3.3-ce. See upstream changelog online at
<https://docs.docker.com/engine/release-notes/28/#2833>
CVE-2025-54388 bsc#1247367
- Update to docker-buildx v0.26.1. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.1>
- Update to docker-buildx v0.26.0. Upstream changelog:
<https://github.com/docker/buildx/releases/tag/v0.26.0>
Patchnames: SUSE-SL-Micro-6.2-151
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.2 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for docker",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for docker fixes the following issues:\n\nChanges in docker:\n\n- Update to Docker 28.5.1-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2851\u003e\n\n- Update to Docker 28.5.0-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2850\u003e\n\n- Update to docker-buildx v0.29.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.29.0\u003e\n\n- Remove git-core recommends on SLE. Most SLE systems have\n installRecommends=yes by default and thus end up installing git with Docker.\n bsc#1250508\n\n This feature is mostly intended for developers (\"docker build git://\") so\n most users already have the dependency installed, and the error when git is\n missing is fairly straightforward (so they can easily figure out what they\n need to install).\n\n- Update to docker-buildx v0.28.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.28.0\u003e\n\n- Update to Docker 28.4.0-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2840\u003e\n * Fixes a nil pointer panic in \"docker push\". bsc#1248373\n\n- Update warnings and errors related to \"docker buildx ...\" so that they\n reference our openSUSE docker-buildx packages.\n\n- Enable building docker-buildx for SLE15 systems with SUSEConnect secret\n injection enabled. PED-12534 PED-8905 bsc#1247594\n\n As docker-buildx does not support our SUSEConnect secret injection (and some\n users depend \"docker build\" working transparently), patch the docker CLI so\n that \"docker build\" will no longer automatically call \"docker buildx build\",\n effectively making DOCKER_BUILDKIT=0 the default configuration. Users can\n manually use \"docker buildx ...\" commands or set DOCKER_BUILDKIT=1 in order\n to opt-in to using docker-buildx.\n\n Users can silence the \"docker build\" warning by setting DOCKER_BUILDKIT=0\n explicitly.\n\n In order to inject SCC credentials with docker-buildx, users should use\n\n RUN --mount=type=secret,id=SCCcredentials zypper -n ...\n\n in their Dockerfiles, and\n\n docker buildx build --secret id=SCCcredentials,src=/etc/zypp/credentials.d/SCCcredentials,type=file .\n\n when doing their builds.\n\n- Update to Docker 28.3.3-ce. See upstream changelog online at\n \u003chttps://docs.docker.com/engine/release-notes/28/#2833\u003e\n CVE-2025-54388 bsc#1247367\n\n- Update to docker-buildx v0.26.1. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.26.1\u003e\n\n- Update to docker-buildx v0.26.0. Upstream changelog:\n \u003chttps://github.com/docker/buildx/releases/tag/v0.26.0\u003e\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-151",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20112-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20112-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620112-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20112-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023877.html"
},
{
"category": "self",
"summary": "SUSE Bug 1247367",
"url": "https://bugzilla.suse.com/1247367"
},
{
"category": "self",
"summary": "SUSE Bug 1247594",
"url": "https://bugzilla.suse.com/1247594"
},
{
"category": "self",
"summary": "SUSE Bug 1248373",
"url": "https://bugzilla.suse.com/1248373"
},
{
"category": "self",
"summary": "SUSE Bug 1250508",
"url": "https://bugzilla.suse.com/1250508"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-54388 page",
"url": "https://www.suse.com/security/cve/CVE-2025-54388/"
}
],
"title": "Security update for docker",
"tracking": {
"current_release_date": "2026-01-17T13:20:31Z",
"generator": {
"date": "2026-01-17T13:20:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20112-1",
"initial_release_date": "2026-01-17T13:20:31Z",
"revision_history": [
{
"date": "2026-01-17T13:20:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.aarch64",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.aarch64",
"product_id": "docker-28.5.1_ce-160000.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.aarch64",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.aarch64",
"product_id": "docker-buildx-0.29.0-160000.4.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.ppc64le",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.ppc64le",
"product_id": "docker-28.5.1_ce-160000.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"product_id": "docker-buildx-0.29.0-160000.4.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.s390x",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.s390x",
"product_id": "docker-28.5.1_ce-160000.4.1.s390x"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.s390x",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.s390x",
"product_id": "docker-buildx-0.29.0-160000.4.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "docker-28.5.1_ce-160000.4.1.x86_64",
"product": {
"name": "docker-28.5.1_ce-160000.4.1.x86_64",
"product_id": "docker-28.5.1_ce-160000.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "docker-buildx-0.29.0-160000.4.1.x86_64",
"product": {
"name": "docker-buildx-0.29.0-160000.4.1.x86_64",
"product_id": "docker-buildx-0.29.0-160000.4.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.aarch64"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.ppc64le"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.s390x"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-28.5.1_ce-160000.4.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.x86_64"
},
"product_reference": "docker-28.5.1_ce-160000.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.aarch64"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.ppc64le"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.s390x"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "docker-buildx-0.29.0-160000.4.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.x86_64"
},
"product_reference": "docker-buildx-0.29.0-160000.4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-54388"
}
],
"notes": [
{
"category": "general",
"text": "Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-54388",
"url": "https://www.suse.com/security/cve/CVE-2025-54388"
},
{
"category": "external",
"summary": "SUSE Bug 1247367 for CVE-2025-54388",
"url": "https://bugzilla.suse.com/1247367"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.aarch64",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.ppc64le",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.s390x",
"SUSE Linux Micro 6.2:docker-28.5.1_ce-160000.4.1.x86_64",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.aarch64",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.ppc64le",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.s390x",
"SUSE Linux Micro 6.2:docker-buildx-0.29.0-160000.4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-17T13:20:31Z",
"details": "moderate"
}
],
"title": "CVE-2025-54388"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…