Search CVE reports
1 – 7 of 7 results
CVE-2024-32473
Medium priorityMoby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
docker.io-app | Needs evaluation | Needs evaluation | Needs evaluation | — | — |
CVE-2024-24557
Medium priorityMoby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Not affected |
docker.io-app | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
CVE-2024-23653
Medium priorityBuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Not affected |
docker.io-app | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
CVE-2024-23652
Medium priorityBuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Ignored |
docker.io-app | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
CVE-2024-23651
Medium priorityBuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Not affected |
docker.io-app | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
CVE-2024-23650
Medium priorityBuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Not affected |
docker.io-app | Vulnerable | Vulnerable | Vulnerable | Not in release | Not in release |
CVE-2023-26054
Medium priorityBuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In affected versions when the user sends a build request that contains a Git URL that contains credentials and...
2 affected packages
docker.io, docker.io-app
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Not affected | Not affected | Not affected | Not affected | Not affected |
docker.io-app | Not affected | Not affected | Not affected | Not in release | Not in release |