Docker · Docker · CVE-2026-33997
**Name of the Vulnerable Software and Affected Versions**
Docker (affected versions not specified)
**Description**
A flaw exists in the Docker daemon’s validation of plugin privileges during `docker plugin install`. The daemon does not fully enforce the privilege check: it may accept a privilege set that differs from the one the user approved, which could allow unintended privilege escalation. Plugins that request exactly one privilege are also affected, because in that case no comparison is performed at all. Exploitation requires installing a plugin from a malicious source. The API endpoint involved is `docker plugin install`. The vulnerable parameter is the plugin configuration, which carries the requested privilege set.
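The comparison the advisory says is missing, as an added illustration that is not Docker's own code: `hardenedAccept` requires the requested privilege set to match the approved one exactly, while `singlePrivilegeUnchecked` models the described single-privilege case that is accepted without any comparison. The `Privilege` type, function names and sample values are assumptions constructed for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// Privilege models one entry of a plugin's privilege set (constructed for this
// example; not Docker's own type). Value is ordered, so "mount:/a" != "mount:/".
type Privilege struct {
	Name  string
	Value []string
}

// key flattens a privilege to a comparable string.
func key(p Privilege) string { return p.Name + "=" + strings.Join(p.Value, ",") }

// hardenedAccept: requested set must equal the approved set exactly, even for one privilege.
func hardenedAccept(approved, requested []Privilege) bool {
	if len(approved) != len(requested) {
		return false
	}
	seen := make(map[string]int, len(approved))
	for _, p := range approved {
		seen[key(p)]++
	}
	for _, p := range requested {
		if seen[key(p)] == 0 {
			return false // requested something the user never approved
		}
		seen[key(p)]--
	}
	return true
}

// singlePrivilegeUnchecked models the flaw the advisory describes: a request
// for exactly one privilege is accepted with no comparison at all.
func singlePrivilegeUnchecked(approved, requested []Privilege) bool {
	if len(requested) == 1 {
		return true
	}
	return hardenedAccept(approved, requested)
}

func main() {
	approved := []Privilege{{Name: "mount", Value: []string{"/var/lib/plugin"}}} // what the user approved
	tampered := []Privilege{{Name: "mount", Value: []string{"/"}}}               // constructed mismatch
	fmt.Println("unchecked model accepts:", singlePrivilegeUnchecked(approved, tampered)) // true
	fmt.Println("hardened check accepts: ", hardenedAccept(approved, tampered))           // false
}
```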
**Recommendations**
Do not install plugins from untrusted sources.
Carefully review all privileges requested during `docker plugin install`.
Restrict access to the Docker daemon to trusted parties, following the principle of least privilege.
Avoid relying on plugin privilege approval as the only control boundary for sensitive environments.