2 matches found
AZL-57363 CVE-2025-22868 affecting package moby-engine for versions less than 25.0.3-11
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...
AZL-34086 CVE-2024-23652 affecting package moby-engine for versions less than 20.10.27-4
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the...