CVE-2024-36623 affecting package moby-compose for versions less than 2.17.3-8

🗓️ 13 Dec 2024 17:35:56Reported by CBL MarinerType

cbl_mariner

cbl_mariner👁 9 Views

CVE-2024-36623 impacts moby-compose versions below 2.17.3-8 with a patch available.

Reporter	Title	Published	Views	Family All 110
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	30 Sep 202516:56	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities exists in IBM Netezza Software	19 Jun 202617:22	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2® on Cloud Pak for Data, and Db2 Warehouse on Cloud Pak for Data	4 Mar 202615:08	–	ibm
IBM Security Bulletins	Security Bulletin: Moby Multiple Concurrency and NULL Pointer Dereference Vulnerabilities Leading to DoS and Data Corruption, affects watsonx.data	5 Dec 202505:21	–	ibm
Tenable Nessus	Amazon Linux 2 : docker (ALASDOCKER-2024-040)	1 Aug 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASECS-2024-042)	5 Sep 202400:00	–	nessus
Tenable Nessus	Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2024-041)	31 Jul 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: docker-cli / moby-cli / moby-compose / moby-engine (CVE-2024-36623)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2025-1134)	10 Feb 202500:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2025-1153)	10 Feb 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
CBL-Mariner	2.0	all	moby-compose	2.17.3-8	UNKNOWN

13 Dec 2024 17:35Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.18.1

EPSS0.00629

SSVC

cve-2024-36623 moby-compose patched version unix vulnerability