8 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 15 views

Astra Linux – Vulnerability in docker.io-app

Moby v25.0.5 is affected by a race condition in the builder/builder-next/adapters/snapshot/layer.go file. This vulnerability could be exploited to trigger concurrent builds that invoke the EnsureLayer function, leading to resource leaks or exhaustion...

CVSS 6.5 | AI score 6.1 | EPSS 0.00625
Exploits: 0 | References: 2
SUSE CVE
added 2024/08/26 2:13 a.m. | 3 views

SUSE CVE-2024-24557

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An...

CVSS 6.9 | AI score 8.6 | EPSS 0.00258
Exploits: 0 | References: 3
RedHat Linux
added 2024/05/22 9:48 a.m. | 4 views

moby/buildkit: Possible race condition with accessing subpaths from cache mounts

A vulnerability was found in the Moby Builder Toolkit. A malicious BuildKit client or any frontend that can craft a request could lead to the BuildKit daemon crashing with a panic due to the lack of input validation. A frontend is usually specified as the syntax line on a Dockerfile or with the...

CVSS 5.3 | AI score 7.1 | EPSS 0.00957
Exploits: 0 | References: 5
RedhatCVE
added 2024/02/01 3:38 p.m. | 32 views

CVE-2024-23650

A vulnerability was found in the Moby Builder Toolkit. A malicious BuildKit client or any frontend that can craft a request could lead to the BuildKit daemon crashing with a panic due to the lack of input validation. A frontend is usually specified as the syntax line on a Dockerfile or with the...

CVSS 5.3 | AI score 7.2 | EPSS 0.00957
Exploits: 0 | References: 4
RedhatCVE
added 2024/02/01 2:33 p.m. | 68 views

CVE-2024-23652

A vulnerability was found in the Moby Builder Toolkit, which arose from BuildKit's attempts to clean up temporarily added directories after use. A malicious BuildKit frontend or Dockerfile using RUN --mount could deceive the feature responsible for removing empty files created for the mount point...

CVSS 7.8 | AI score 9.3 | EPSS 0.02038
Exploits: 0 | References: 7
RedhatCVE
added 2024/02/01 2:31 p.m. | 55 views

CVE-2024-23653

A vulnerability was found in the Moby Builder Toolkit, specifically in the Interactive Containers API, where entitlement checks are not adequately validated, caused by a missing privilege check in a GRPC endpoint when called using a custom syntax format. This flaw allows the currently running...

CVSS 7 | AI score 9.4 | EPSS 0.02983
Exploits: 0 | References: 7
OSV
added 2024/01/31 11:13 p.m. | 15 views

GHSA-6HWG-W5JG-9C6X Path Traversal in Moby builder

util/binfmtmisc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call...

CVSS 5.3 | AI score 5.4 | EPSS 0.01745
Exploits: 0 | References: 5
Github Security Blog
added 2024/01/31 11:13 p.m. | 35 views

Path Traversal in Moby builder

util/binfmtmisc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call...

CVSS 5.3 | AI score 6.7 | EPSS 0.01745
Exploits: 0 | References: 6 | Affected Software: 2