AZL-35666 CVE-2024-24786 affecting package moby-engine for versions less than 25.0.3-7

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

PT-2022-19901 · Podman +11 · Podman +11

Name of the Vulnerable Software and Affected Versions: Buildah versions prior to 20.10.18 CRI-O versions prior to 20.10.18 Docker versions prior to 20.10.18 Moby Docker Engine versions prior to 20.10.18 Podman versions prior to 20.10.18 Description: The issue arises from an incorrect handling of...