AZL-52221 CVE-2024-51744 affecting package moby-engine for versions less than 24.0.9-17

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

CVE-2024-29018 affecting package moby-engine for versions less than 25.0.3-6

CVE-2024-29018 affecting package moby-engine for versions less than 25.0.3-6. A patched version of the package is available...

CVE-2023-45142 affecting package moby-engine for versions less than 24.0.9-10

CVE-2023-45142 affecting package moby-engine for versions less than 24.0.9-10. A patched version of the package is available...

CVE-2024-29018 affecting package moby-engine for versions less than 24.0.9-9

CVE-2024-29018 affecting package moby-engine for versions less than 24.0.9-9. A patched version of the package is available...

CVE-2024-41110 affecting package moby-engine for versions less than 25.0.3-5

CVE-2024-41110 affecting package moby-engine for versions less than 25.0.3-5. A patched version of the package is available...

CVE-2022-2879 affecting package moby-engine for versions less than 25.0.3-3

CVE-2022-2879 affecting package moby-engine for versions less than 25.0.3-3. A patched version of the package is available...

CBL Mariner 2.0 Security Update: moby-engine (CVE-2024-41110)

The version of moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41110 advisory. - Moby is an open-source project created by Docker for software containerization. A security vulnerabilit...

CVE-2024-41110 affecting package moby-engine for versions less than 24.0.9-7

CVE-2024-41110 affecting package moby-engine for versions less than 24.0.9-7. A patched version of the package is available...

AZL-47042 CVE-2024-41110 affecting package moby-engine for versions less than 24.0.9-7

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

AZL-47017 CVE-2024-41110 affecting package moby-engine for versions less than 25.0.3-5

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

CBL Mariner 2.0 Security Update: docker-compose / moby-engine / docker-buildx / moby-cli (CVE-2024-23653)

The version of docker-compose / moby-engine / docker-buildx / moby-cli installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23653 advisory. - BuildKit is a toolkit for converting source code to build...

CBL Mariner 2.0 Security Update: moby-containerd / moby-engine (CVE-2023-25153)

The version of moby-containerd / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-25153 advisory. - containerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, wh...

CBL Mariner 2.0 Security Update: docker-buildx / docker-compose / moby-compose / moby-engine (CVE-2024-23650)

The version of docker-buildx / docker-compose / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23650 advisory. - BuildKit is a toolkit for converting source code to bui...

CBL Mariner 2.0 Security Update: cert-manager / helm / moby-cli / moby-compose / moby-engine (CVE-2023-2253)

The version of cert-manager / helm / moby-cli / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-2253 advisory. - A flaw was found in the /v2/catalog endpoint in...

CBL Mariner 2.0 Security Update: moby-engine (CVE-2024-24557)

The version of moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-24557 advisory. - Moby is an open-source project created by Docker to enable software containerization. The classic build...

CVE-2023-45288 affecting package moby-engine for versions less than 24.0.9-2

CVE-2023-45288 affecting package moby-engine for versions less than 24.0.9-2. A patched version of the package is available...

Fedora 37 : moby-engine (2023-fde38dda12)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-fde38dda12 advisory. update to 20.10.22 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested...

AZL-38878 CVE-2023-45288 affecting package moby-engine for versions less than 25.0.3-10

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39229 CVE-2023-45288 affecting package moby-engine for versions less than 24.0.9-2

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-36900 CVE-2024-29018 affecting package moby-engine for versions less than 25.0.3-6

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...