GHSA-XMMX-7JPF-FX42 — Vulnetix

GHSA-XMMX-7JPF-FX42 PUBLISHED CVSS 8.600000381469727 HIGH

Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing

Risk Scores

CVSS v4.0

8.600000381469727

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
github.com	docker/docker	0, 0, 0
Go	github.com/moby/moby	0
github.com	moby/moby	0, 0, 0
Go	github.com/docker/docker	0
github.com	moby/moby	0
github.com	docker/docker	0

Timeline

Jun 10, 2024 CVE Published
Jul 5, 2024 CVE Updated

References

https://github.com/moby/moby/security/advisories/GHSA-xmmx-7jpf-fx42 url
GitHub Advisory GHSA-xmmx-7jpf-fx42 vendor-advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›