CVE-2026-0915

ADVISORY - nist

Summary

Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.

EPSS Score⁠: 0.00041 (0.121)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-908⁠

Use of Uninitialized Resource

ADVISORY - redhat

CWE-908⁠

Use of Uninitialized Resource

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.