Lucene search
+L

26 matches found

nessus
nessus
added 2025/03/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2022-36109

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not s...

6.3CVSS7AI score0.00837EPSS
Exploits0References3
ibm
ibm
added 2024/08/05 7:51 p.m.30 views

Security Bulletin: IBM Storage Ceph is vulnerable to Files or Directories Accessible to External Parties in Grafana (CVE-2021-41089, CVE-2022-24769, CVE-2021-41091, CVE-2018-20699, CVE-2022-36109)

Summary Moby is used by IBM Storage Ceph in Grafana as part of metrics. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2021-41089, CVE-2022-24769, CVE-2021-41091, CVE-2018-20699, CVE-2022-36109. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby...

6.3CVSS8AI score0.02671EPSS
Exploits3Affected Software1
nessus
nessus
added 2023/12/27 12:0 a.m.32 views

NewStart CGSL MAIN 5.04 : docker-ce Vulnerability (NS-SA-2023-0109)

The remote NewStart CGSL host, running version MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up...

6.3CVSS7.2AI score0.00837EPSS
Exploits0References3
ibm
ibm
added 2023/12/04 3:45 p.m.28 views

Security Bulletin: Vunerability in docker engine affect pattern Type shipped with Cloud Pak System (CVE-2022-36109)

Summary Bypass security group permission vulnerability in moby docker engine as shipped with patternType shipped with Cloud Pak System. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a fla...

6.3CVSS7.2AI score0.00837EPSS
Exploits0Affected Software1
nessus
nessus
added 2023/10/20 12:0 a.m.30 views

Amazon Linux 2 : docker (ALASECS-2023-013)

The version of docker installed on the remote host is prior to 20.10.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-013 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the...

6.3CVSS6.9AI score0.00837EPSS
Exploits1References4
nessus
nessus
added 2023/05/18 12:0 a.m.28 views

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2023-1949)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where...

7.8CVSS7.2AI score0.00837EPSS
Exploits1References4
openvas
openvas
added 2023/05/18 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-1949)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00837EPSS
Exploits1References2
ibm
ibm
added 2023/05/15 6:56 p.m.41 views

Security Bulletin: Open Source Dependency Vulnerability

Summary IBM Edge Application Manager 4.5 has resolved the vulnerability. Vulnerability Details CVEID:CVE-2022-36109 DESCRIPTION: Moby could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw with the supplementary groups are not set up properly. By...

6.3CVSS8.2AI score0.02671EPSS
Exploits3Affected Software1
nessus
nessus
added 2023/05/13 12:0 a.m.41 views

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2023-1837)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where...

7.8CVSS7.2AI score0.00837EPSS
Exploits1References4
openvas
openvas
added 2023/05/10 12:0 a.m.26 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-1864)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00837EPSS
Exploits1References2
openvas
openvas
added 2023/05/10 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-1837)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.2AI score0.00837EPSS
Exploits1References2
nessus
nessus
added 2023/05/01 12:0 a.m.35 views

Amazon Linux 2 : docker (ALASDOCKER-2023-024)

The version of docker installed on the remote host is prior to 20.10.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-024 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the...

6.3CVSS6.9AI score0.00837EPSS
Exploits1References4
nessus
nessus
added 2023/04/06 12:0 a.m.35 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2023-022)

The version of docker installed on the remote host is prior to 20.10.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2023-022 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw i...

6.3CVSS6.9AI score0.00837EPSS
Exploits1References4
nessus
nessus
added 2023/04/06 12:0 a.m.137 views

Amazon Linux 2 : docker (ALASDOCKER-2023-022)

The version of docker installed on the remote host is prior to 20.10.23-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2023-022 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the...

6.3CVSS6.9AI score0.00837EPSS
Exploits1References4
amazon
amazon
added 2023/04/05 12:0 a.m.5 views

Medium: docker

Issue Overview: A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Docker version 20.10.15, build fd82621 is vulnerable to Insecure Permissions. Unauthorized users outside the Docker...

6.3CVSS6.8AI score0.00837EPSS
Exploits1
nessus
nessus
added 2023/03/29 12:0 a.m.37 views

SUSE SLES12 Security Update : docker (SUSE-SU-2023:1625-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:1625-1 advisory. - CVE-2022-36109: Fixed a supplementary group permissions bypass bsc1205375. Update to 20.10.23-ce...

6.3CVSS6.7AI score0.00837EPSS
Exploits0References6
openvas
openvas
added 2023/03/28 12:0 a.m.21 views

SUSE: Security Advisory (SUSE-SU-2023:0795-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS5.5AI score0.00837EPSS
Exploits0References7
openvas
openvas
added 2023/03/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2023-0009)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.08676EPSS
Exploits0References9
nessus
nessus
added 2023/03/23 12:0 a.m.58 views

Amazon Linux 2023 : docker (ALAS2023-2023-143)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-143 advisory. A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Tenable has extracted the preceding...

6.3CVSS6.8AI score0.00837EPSS
Exploits0References4
amazon
amazon
added 2023/03/22 12:0 a.m.4 views

Low: docker

Issue Overview: A flaw was found in Moby. This flaw allows an attacker to bypass primary group restrictions due to a flaw in the supplementary group access setup. CVE-2022-36109 Affected Packages: docker Issue Correction: Run dnf update docker --releasever 2023.0.20230322 or dnf update --advisory...

6.3CVSS6.3AI score0.00837EPSS
Exploits0
Rows per page
Query Builder