{"affected":[{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.3","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.4","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.5","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Micro%205.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP7","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1","docker-bash-completion":"28.2.2_ce-150000.227.1","docker-rootless-extras":"28.2.2_ce-150000.227.1","docker-stable":"24.0.9_ce-150000.1.22.1","docker-stable-bash-completion":"24.0.9_ce-150000.1.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP6","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1","docker-bash-completion":"28.2.2_ce-150000.227.1","docker-rootless-extras":"28.2.2_ce-150000.227.1","docker-stable":"24.0.9_ce-150000.1.22.1","docker-stable-bash-completion":"24.0.9_ce-150000.1.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP6","name":"docker-stable","purl":"pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.0.9_ce-150000.1.22.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker-bash-completion":"28.2.2_ce-150000.227.1","docker-rootless-extras":"28.2.2_ce-150000.227.1","docker-stable":"24.0.9_ce-150000.1.22.1","docker-stable-bash-completion":"24.0.9_ce-150000.1.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP7","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker-bash-completion":"28.2.2_ce-150000.227.1","docker-rootless-extras":"28.2.2_ce-150000.227.1","docker-stable":"24.0.9_ce-150000.1.22.1","docker-stable-bash-completion":"24.0.9_ce-150000.1.22.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP7","name":"docker-stable","purl":"pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.0.9_ce-150000.1.22.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.2","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Micro%205.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1","docker-bash-completion":"28.2.2_ce-150000.227.1","docker-fish-completion":"28.2.2_ce-150000.227.1","docker-rootless-extras":"28.2.2_ce-150000.227.1","docker-stable":"24.0.9_ce-150000.1.22.1","docker-stable-bash-completion":"24.0.9_ce-150000.1.22.1","docker-stable-fish-completion":"24.0.9_ce-150000.1.22.1","docker-stable-rootless-extras":"24.0.9_ce-150000.1.22.1","docker-stable-zsh-completion":"24.0.9_ce-150000.1.22.1","docker-zsh-completion":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"docker","purl":"pkg:rpm/opensuse/docker&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"28.2.2_ce-150000.227.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"docker":"28.2.2_ce-150000.227.1","docker-bash-completion":"28.2.2_ce-150000.227.1","docker-fish-completion":"28.2.2_ce-150000.227.1","docker-rootless-extras":"28.2.2_ce-150000.227.1","docker-stable":"24.0.9_ce-150000.1.22.1","docker-stable-bash-completion":"24.0.9_ce-150000.1.22.1","docker-stable-fish-completion":"24.0.9_ce-150000.1.22.1","docker-stable-rootless-extras":"24.0.9_ce-150000.1.22.1","docker-stable-zsh-completion":"24.0.9_ce-150000.1.22.1","docker-zsh-completion":"28.2.2_ce-150000.227.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"docker-stable","purl":"pkg:rpm/opensuse/docker-stable&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"24.0.9_ce-150000.1.22.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for docker fixes the following issues:\n\nUpdate to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):\n\n- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials \n  allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)\n- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).\n\nOther fixes:    \n \n- Update to docker-buildx v0.22.0.\n- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).\n- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)\n- Now that the only blocker for docker-buildx support was removed for SLE-16,\n  enable docker-buildx for SLE-16 as well. (jsc#PED-8905)\n- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).\n","id":"SUSE-SU-2025:02289-1","modified":"2025-07-11T11:12:49Z","published":"2025-07-11T11:12:49Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202502289-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239765"},{"type":"REPORT","url":"https://bugzilla.suse.com/1240150"},{"type":"REPORT","url":"https://bugzilla.suse.com/1241830"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242114"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243833"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244035"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-0495"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22872"}],"related":["CVE-2025-0495","CVE-2025-22872"],"summary":"Security update for docker","upstream":["CVE-2025-0495","CVE-2025-22872"]}