K000152602: Multiple Moby vulnerabilities

Security Advisory Description CVE-2023-28840 Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is common...

Linux Distros Unpatched Vulnerability : CVE-2023-28841

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1928)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2023-28840

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which i...

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2023-2637)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various...

SUSE CVE-2023-28841

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...

Authorization Bypass

github.com/moby/moby is vulnerable to Authorization Bypass. Encrypted overlay networks accept cleartext VXLAN datagrams tagged with the VNI of the network, which allows remote attackers to arbitrary inject ethernet frames into the encrypted overlay network...

DEBIAN-CVE-2023-28840

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which i...

CVE-2023-28841

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...

CVE-2023-28842

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker. Swarm Mode, which is...

CVE-2023-28840

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which i...

Design/Logic Flaw

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which i...

CVE-2023-28840

CVE-2023-28840 affects Moby/dockerd with Swarm overlay networks (VXLAN) in encrypted mode. The vulnerability stems from how iptables rules (using xt_u32) enforce IPSec for encrypted overlays; admin firewall rules can override Moby’s, potentially allowing unencrypted traffic, and arbitrary Etherne...

CVE-2023-28842

CVE-2023-28842 affects Moby/dockerd, specifically Swarm overlay with encrypted VXLAN: an endpoint on an encrypted overlay can be unauthenticated, allowing cleartext VXLAN traffic to be injected or leaked under certain conditions. The issue stems from how iptables rules and IPsec handling are appl...

PT-2023-4601 · Mirantis +7 · Mirantis Container Runtime +8

Name of the Vulnerable Software and Affected Versions: Moby versions prior to 23.0.3 Moby versions prior to 20.10.24 Mirantis Container Runtime versions prior to 20.10.16 Description: The issue is related to the encrypted overlay network feature in Moby's Swarm Mode. Encrypted overlay networks...

PT-2023-2249 · Mirantis +7 · Mirantis Container Runtime +8

Name of the Vulnerable Software and Affected Versions: Moby versions prior to 23.0.3 Moby versions prior to 20.10.24 Mirantis Container Runtime versions prior to 20.10.16 Description: The issue is related to the use of an unsecured alternative channel in the Swarm Mode of the Moby daemon componen...

Gravitl Netmaker has an unspecified vulnerability

Gravitl Netmaker is a platform for creating and managing fast, secure and dynamic virtual overlay networks using WireGuard from Gravitl USA. Used to create and control automated virtual networks, Gravitl Netmaker contains a security vulnerability that could be exploited by an attacker to run...

Moderate: Red Hat Security Advisory: openstack-neutron security and bug fix update

Updated openstack-neutron packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...