Search CVE reports
11 – 20 of 70 results
Some fixes available 7 of 11
moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Fixed | Fixed | Fixed | Fixed |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | — |
Some fixes available 7 of 13
moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Needs evaluation | Fixed | Fixed | Fixed | Fixed |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | — |
Some fixes available 12 of 13
Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ)...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Fixed | Fixed | Fixed | Fixed |
| docker.io-app | Fixed | Fixed | Fixed | Fixed | — |
Some fixes available 2 of 4
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Not affected | Not affected | Not affected | Not affected |
| docker.io-app | Not affected | Not affected | Fixed | Fixed | — |
Some fixes available 5 of 7
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Ignored | Ignored | Ignored | Fixed |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | — |
Some fixes available 3 of 14
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | Not in release |
Some fixes available 3 of 12
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | Not in release |
Some fixes available 7 of 12
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Fixed | Fixed | Fixed | Fixed |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | Not in release |
Some fixes available 7 of 12
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Fixed | Fixed | Fixed | Fixed |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | Not in release |
Some fixes available 3 of 8
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with...
2 affected packages
docker.io, docker.io-app
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| docker.io | Not affected | Not affected | Not affected | Not affected | Not affected |
| docker.io-app | Not affected | Fixed | Fixed | Fixed | Not in release |