CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8

CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8. A patched version of the package is available...

Azure Linux 3.0 Security Update: docker-cli / moby-cli / moby-compose / moby-engine (CVE-2024-36623)

The version of docker-cli / moby-cli / moby-compose / moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36623 advisory. - moby through v25.0.3 has a Race Condition vulnerability in the...

Azure Linux 3.0 Security Update: cert-manager / helm / moby-cli / moby-compose / moby-engine (CVE-2023-2253)

The version of cert-manager / helm / moby-cli / moby-compose / moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2253 advisory. - A flaw was found in the /v2/catalog endpoint in...

CVE-2024-24786 affecting package moby-cli for versions less than 24.0.9-6

CVE-2024-24786 affecting package moby-cli for versions less than 24.0.9-6. A patched version of the package is available...

CVE-2024-36623 affecting package moby-cli for versions less than 24.0.9-5

CVE-2024-36623 affecting package moby-cli for versions less than 24.0.9-5. A patched version of the package is available...

AZL-53801 CVE-2024-36623 affecting package moby-cli for versions less than 24.0.9-6

moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes...

CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3

CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3. A patched version of the package is available...

CBL Mariner 2.0 Security Update: docker-compose / moby-engine / docker-buildx / moby-cli (CVE-2024-23653)

The version of docker-compose / moby-engine / docker-buildx / moby-cli installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23653 advisory. - BuildKit is a toolkit for converting source code to build...

CBL Mariner 2.0 Security Update: cert-manager / helm / moby-cli / moby-compose / moby-engine (CVE-2023-2253)

The version of cert-manager / helm / moby-cli / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2253 advisory. - A flaw was found in the /v2/catalog endpoint in...

CVE-2022-41717 affecting package moby-cli for versions less than 24.0.9-1

CVE-2022-41717 affecting package moby-cli for versions less than 24.0.9-1. An upgraded version of the package is available that resolves this issue...

AZL-39984 CVE-2023-45288 affecting package moby-cli for versions less than 24.0.9-3

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39981 CVE-2024-24786 affecting package moby-cli for versions less than 24.0.9-6

The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...

CVE-2021-44716 affecting package moby-cli for versions less than 20.10.27-5

CVE-2021-44716 affecting package moby-cli for versions less than 20.10.27-5. A patched version of the package is available...

CVE-2022-21698 affecting package moby-cli for versions less than 20.10.27-5

CVE-2022-21698 affecting package moby-cli for versions less than 20.10.27-5. A patched version of the package is available...

CVE-2024-23653 affecting package moby-cli for versions less than 20.10.27-3

CVE-2024-23653 affecting package moby-cli for versions less than 20.10.27-3. A patched version of the package is available...

CVE-2023-48795 affecting package moby-cli for versions less than 20.10.27-2

CVE-2023-48795 affecting package moby-cli for versions less than 20.10.27-2. A patched version of the package is available...

CVE-2023-2253 affecting package moby-cli for versions less than 20.10.27-1

CVE-2023-2253 affecting package moby-cli for versions less than 20.10.27-1. An upgraded version of the package is available that resolves this issue...

AZL-32223 CVE-2023-48795 affecting package moby-cli for versions less than 20.10.27-2

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

AZL-31326 CVE-2023-44487 affecting package moby-cli for versions less than 20.10.25-2

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

AZL-33617 CVE-2022-41717 affecting package moby-cli for versions less than 24.0.9-1

An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...