196 matches found
CVE-2023-45288 affecting package moby-engine for versions less than 25.0.3-10
CVE-2023-45288 affecting package moby-engine for versions less than 25.0.3-10. A patched version of the package is available...
CVE-2024-23650 affecting package moby-engine for versions less than 24.0.9-14
CVE-2024-23650 affecting package moby-engine for versions less than 24.0.9-14. A patched version of the package is available...
Azure Linux 3.0 Security Update: moby-engine (CVE-2024-41110)
The version of moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41110 advisory. - Moby is an open-source project created by Docker for software containerization. A security vulnerabilit...
Azure Linux 3.0 Security Update: moby-engine (CVE-2024-36621)
The version of moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36621 advisory. - moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The...
Azure Linux 3.0 Security Update: docker-cli / moby-cli / moby-compose / moby-engine (CVE-2024-36623)
The version of docker-cli / moby-cli / moby-compose / moby-engine installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36623 advisory. - moby through v25.0.3 has a Race Condition vulnerability in the...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector (CVE-2021-44716)
The version of application-gateway-kubernetes-ingress / cf-cli / cri-o / csi-driver-lvm / golang / keda / moby-engine / node-problem-detector installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-44716...
Azure Linux 3.0 Security Update: golang / ig / moby-engine / skopeo (CVE-2022-2879)
The version of golang / ig / moby-engine / skopeo installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-2879 advisory. - Reader.Read does not set a limit on the maximum size of file headers. A malicious...
CVE-2024-24786 affecting package moby-engine for versions less than 24.0.9-13
CVE-2024-24786 affecting package moby-engine for versions less than 24.0.9-13. A patched version of the package is available...
CVE-2024-45337 affecting package moby-engine for versions less than 25.0.3-9
CVE-2024-45337 affecting package moby-engine for versions less than 25.0.3-9. A patched version of the package is available...
CVE-2024-45337 affecting package moby-engine for versions less than 24.0.9-12
CVE-2024-45337 affecting package moby-engine for versions less than 24.0.9-12. A patched version of the package is available...
CBL Mariner 2.0 Security Update: moby-engine (CVE-2024-36621)
The version of moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36621 advisory. - moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The...
CVE-2024-36623 affecting package moby-engine for versions less than 24.0.9-11
CVE-2024-36623 affecting package moby-engine for versions less than 24.0.9-11. A patched version of the package is available...
CVE-2024-36621 affecting package moby-engine for versions less than 24.0.9-11
CVE-2024-36621 affecting package moby-engine for versions less than 24.0.9-11. A patched version of the package is available...
AZL-54357 CVE-2024-45337 affecting package moby-engine for versions less than 25.0.3-9
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
AZL-54320 CVE-2024-45337 affecting package moby-engine for versions less than 24.0.9-13
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
CVE-2024-36620 affecting package moby-engine for versions less than 25.0.3-8
CVE-2024-36620 affecting package moby-engine for versions less than 25.0.3-8. A patched version of the package is available...
CVE-2024-36623 affecting package moby-engine for versions less than 25.0.3-8
CVE-2024-36623 affecting package moby-engine for versions less than 25.0.3-8. A patched version of the package is available...
CVE-2024-36621 affecting package moby-engine for versions less than 25.0.3-8
CVE-2024-36621 affecting package moby-engine for versions less than 25.0.3-8. A patched version of the package is available...
CVE-2024-24786 affecting package moby-engine for versions less than 25.0.3-7
CVE-2024-24786 affecting package moby-engine for versions less than 25.0.3-7. A patched version of the package is available...
AZL-53824 CVE-2024-36623 affecting package moby-engine for versions less than 25.0.3-9
moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes...