Alpine: multiple docker packages: security update to 28.3.3-r0

medium Tenable Cloud Security Plugin ID 428667

Description

There are packages installed that are affected by a vulnerability referenced in the following CVE:

- Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine,
Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through
28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by
Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate
the specific rules that block external access to containers. This means that after a firewalld reload,
containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines
that have network routing to the Docker bridge, even though they should only be accessible from the host
itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected.
This issue is fixed in version 28.3.3. (CVE-2025-54388)

See Also

https://security.alpinelinux.org/vuln/CVE-2025-54388

Plugin Details

Severity: Medium

ID: 428667

Version: Revision 1.14

Type: Local

Published: 7/30/2025

Updated: 7/2/2026

Supported Sensors: Agentless Assessment, Tenable Cloud Security, Tenable Self-Hosted Container Security

Risk Information

VPR

Risk Factor: Low

Score: 2.1

Percentile: 7.46

CVSS v2

Risk Factor: Medium

Base Score: 4.8

Temporal Score: 3.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:P/I:P/A:N

CVSS Score Source: CVE-2025-54388

CVSS v3

Risk Factor: Medium

Base Score: 4.6

Temporal Score: 4

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

CVSS v4

Risk Factor: Medium

Base Score: 5.1

Threat Score: 1.2

Threat Vector: CVSS:4.0/E:U

Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 7/29/2025

Reference Information

CVE: CVE-2025-54388

IAVA: 2025-A-0560