Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-24557 (GCVE-0-2024-24557)
Vulnerability from cvelistv5 – Published: 2024-02-01 16:26 – Updated: 2025-05-15 15:27
VLAI
EPSS
VEX
Title
Moby classic builder cache poisoning
Summary
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps. 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API endpoint. All users on versions older than 23.0 could be impacted. Image build API endpoint (/build) and ImageBuild function from github.com/docker/docker/client is also affected as it the uses classic builder by default. Patches are included in 24.0.9 and 25.0.2 releases.
Severity
6.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/moby/moby/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/moby/moby/commit/3e230cfdcc989… | x_refsource_MISC |
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:19:52.928Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc"
},
{
"name": "https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24557",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-15T15:20:50.514908Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-15T15:27:27.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "moby",
"vendor": "moby",
"versions": [
{
"status": "affected",
"version": "\u003e= 25.0.0, \u003c 25.0.2"
},
{
"status": "affected",
"version": " \u003c 24.0.9"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps. 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API endpoint. All users on versions older than 23.0 could be impacted. Image build API endpoint (/build) and ImageBuild function from github.com/docker/docker/client is also affected as it the uses classic builder by default. Patches are included in 24.0.9 and 25.0.2 releases."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346: Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345: Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-01T17:38:40.747Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc"
},
{
"name": "https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae"
}
],
"source": {
"advisory": "GHSA-xw73-rw38-6vjc",
"discovery": "UNKNOWN"
},
"title": "Moby classic builder cache poisoning"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24557",
"datePublished": "2024-02-01T16:26:29.685Z",
"dateReserved": "2024-01-25T15:09:40.208Z",
"dateUpdated": "2025-05-15T15:27:27.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-24557",
"date": "2026-07-16",
"epss": "0.00258",
"percentile": "0.17272"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"24.0.9\", \"matchCriteriaId\": \"8334C2EE-69C4-42D5-89C3-00C77A880F08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"25.0.0\", \"versionEndExcluding\": \"25.0.2\", \"matchCriteriaId\": \"D9331CA9-E92E-4D37-8C87-92F6D4418C4A\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps. 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API endpoint. All users on versions older than 23.0 could be impacted. Image build API endpoint (/build) and ImageBuild function from github.com/docker/docker/client is also affected as it the uses classic builder by default. Patches are included in 24.0.9 and 25.0.2 releases.\"}, {\"lang\": \"es\", \"value\": \"Moby es un proyecto de c\\u00f3digo abierto creado por Docker para permitir la contenedorizaci\\u00f3n de software. El sistema de cach\\u00e9 del constructor cl\\u00e1sico es propenso a envenenar el cach\\u00e9 si la imagen se crea DESDE scratch. Adem\\u00e1s, los cambios en algunas instrucciones (las m\\u00e1s importantes son HEALTHCHECK y ONBUILD) no provocar\\u00edan una p\\u00e9rdida de cach\\u00e9. Un atacante con conocimiento del Dockerfile que alguien est\\u00e1 usando podr\\u00eda envenenar su cach\\u00e9 al obligarlo a extraer una imagen especialmente manipulada que se considerar\\u00eda como un candidato de cach\\u00e9 v\\u00e1lido para algunos pasos de compilaci\\u00f3n. Los usuarios de 23.0+ solo se ven afectados si optaron expl\\u00edcitamente por no participar en Buildkit (variable de entorno DOCKER_BUILDKIT=0) o si est\\u00e1n usando el endpoint API /build. Todos los usuarios con versiones anteriores a la 23.0 podr\\u00edan verse afectados. El punto final de la API de creaci\\u00f3n de im\\u00e1genes (/build) y la funci\\u00f3n ImageBuild de github.com/docker/docker/client tambi\\u00e9n se ven afectados ya que utiliza el generador cl\\u00e1sico de forma predeterminada. Los parches se incluyen en las versiones 24.0.9 y 25.0.2.\"}]",
"id": "CVE-2024-24557",
"lastModified": "2024-11-21T08:59:24.603",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L\", \"baseScore\": 6.9, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 5.3}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
"published": "2024-02-01T17:15:10.953",
"references": "[{\"url\": \"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\", \"source\": \"security-advisories@github.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security-advisories@github.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-345\"}, {\"lang\": \"en\", \"value\": \"CWE-346\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-346\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-24557\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-02-01T17:15:10.953\",\"lastModified\":\"2026-06-17T07:14:36.123\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps. 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API endpoint. All users on versions older than 23.0 could be impacted. Image build API endpoint (/build) and ImageBuild function from github.com/docker/docker/client is also affected as it the uses classic builder by default. Patches are included in 24.0.9 and 25.0.2 releases.\"},{\"lang\":\"es\",\"value\":\"Moby es un proyecto de c\u00f3digo abierto creado por Docker para permitir la contenedorizaci\u00f3n de software. El sistema de cach\u00e9 del constructor cl\u00e1sico es propenso a envenenar el cach\u00e9 si la imagen se crea DESDE scratch. Adem\u00e1s, los cambios en algunas instrucciones (las m\u00e1s importantes son HEALTHCHECK y ONBUILD) no provocar\u00edan una p\u00e9rdida de cach\u00e9. Un atacante con conocimiento del Dockerfile que alguien est\u00e1 usando podr\u00eda envenenar su cach\u00e9 al obligarlo a extraer una imagen especialmente manipulada que se considerar\u00eda como un candidato de cach\u00e9 v\u00e1lido para algunos pasos de compilaci\u00f3n. Los usuarios de 23.0+ solo se ven afectados si optaron expl\u00edcitamente por no participar en Buildkit (variable de entorno DOCKER_BUILDKIT=0) o si est\u00e1n usando el endpoint API /build. Todos los usuarios con versiones anteriores a la 23.0 podr\u00edan verse afectados. El punto final de la API de creaci\u00f3n de im\u00e1genes (/build) y la funci\u00f3n ImageBuild de github.com/docker/docker/client tambi\u00e9n se ven afectados ya que utiliza el generador cl\u00e1sico de forma predeterminada. Los parches se incluyen en las versiones 24.0.9 y 25.0.2.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"moby\",\"product\":\"moby\",\"versions\":[{\"version\":\"\u003e= 25.0.0, \u003c 25.0.2\",\"status\":\"affected\"},{\"version\":\" \u003c 24.0.9\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L\",\"baseScore\":6.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.0,\"impactScore\":5.3},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2025-05-15T15:20:50.514908Z\",\"id\":\"CVE-2024-24557\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-345\"},{\"lang\":\"en\",\"value\":\"CWE-346\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-346\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"24.0.9\",\"matchCriteriaId\":\"8334C2EE-69C4-42D5-89C3-00C77A880F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"25.0.0\",\"versionEndExcluding\":\"25.0.2\",\"matchCriteriaId\":\"D9331CA9-E92E-4D37-8C87-92F6D4418C4A\"}]}]}],\"references\":[{\"url\":\"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Moderate",
"current_release_date": "2026-04-03T09:38:35+00:00",
"cve": "CVE-2024-24557",
"id": "CVE-2024-24557",
"initial_release_date": "2024-02-01T00:00:00+00:00",
"product_status:fixed": "13",
"product_status:known_affected": "1",
"product_status:known_not_affected": "36",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "moby: classic builder cache poisoning",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2024/cve-2024-24557.json",
"version": "3"
},
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\", \"name\": \"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\", \"name\": \"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T23:19:52.928Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-24557\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-15T15:20:50.514908Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-15T15:27:23.013Z\"}}], \"cna\": {\"title\": \"Moby classic builder cache poisoning\", \"source\": {\"advisory\": \"GHSA-xw73-rw38-6vjc\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.9, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"moby\", \"product\": \"moby\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 25.0.0, \u003c 25.0.2\"}, {\"status\": \"affected\", \"version\": \" \u003c 24.0.9\"}]}], \"references\": [{\"url\": \"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\", \"name\": \"https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\", \"name\": \"https://github.com/moby/moby/commit/3e230cfdcc989dc524882f6579f9e0dac77400ae\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not cause a cache miss. An attacker with the knowledge of the Dockerfile someone is using could poison their cache by making them pull a specially crafted image that would be considered as a valid cache candidate for some build steps. 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API endpoint. All users on versions older than 23.0 could be impacted. Image build API endpoint (/build) and ImageBuild function from github.com/docker/docker/client is also affected as it the uses classic builder by default. Patches are included in 24.0.9 and 25.0.2 releases.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-346\", \"description\": \"CWE-346: Origin Validation Error\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-345\", \"description\": \"CWE-345: Insufficient Verification of Data Authenticity\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-02-01T17:38:40.747Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-24557\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-15T15:27:27.082Z\", \"dateReserved\": \"2024-01-25T15:09:40.208Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-02-01T16:26:29.685Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
WID-SEC-W-2024-0272
Vulnerability from csaf_certbund - Published: 2024-01-31 23:00 - Updated: 2025-10-12 22:00Summary
docker: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Docker ist eine Open-Source-Software, die dazu verwendet werden kann, Anwendungen mithilfe von Betriebssystemvirtualisierung in Containern zu isolieren.
Angriff: Ein entfernter Angreifer kann mehrere Schwachstellen in Docker ausnutzen, um seine Privilegien zu erhöhen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, Sicherheitsmaßnahmen zu umgehen oder Dateien zu manipulieren.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Windows
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.14.11
Red Hat / OpenShift
|
Container Platform <4.14.11 | ||
|
Red Hat OpenShift Container Platform <4.11.58
Red Hat / OpenShift
|
Container Platform <4.11.58 | ||
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.74
Red Hat / OpenShift
|
Container Platform <4.12.74 | ||
|
Red Hat OpenShift Container Platform <4.13.32
Red Hat / OpenShift
|
Container Platform <4.13.32 | ||
|
Dell NetWorker <19.10.0.2
Dell / NetWorker
|
<19.10.0.2 | ||
|
Red Hat OpenShift Container Platform <4.12.49
Red Hat / OpenShift
|
Container Platform <4.12.49 | ||
|
Palo Alto Networks Cortex XSOAR
Palo Alto Networks
|
cpe:/a:paloaltonetworks:cortex_xsoar:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Open Source docker runc <1.1.12
Open Source / docker
|
runc <1.1.12 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.46
Red Hat / OpenShift
|
Container Platform <4.15.46 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source docker Desktop <4.27.2
Open Source / docker
|
Desktop <4.27.2 | ||
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.14.11
Red Hat / OpenShift
|
Container Platform <4.14.11 | ||
|
Open Source docker BuildKit <0.12.5
Open Source / docker
|
BuildKit <0.12.5 | ||
|
Red Hat OpenShift Container Platform <4.11.58
Red Hat / OpenShift
|
Container Platform <4.11.58 | ||
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.74
Red Hat / OpenShift
|
Container Platform <4.12.74 | ||
|
Red Hat OpenShift Container Platform <4.13.32
Red Hat / OpenShift
|
Container Platform <4.13.32 | ||
|
Dell NetWorker <19.10.0.2
Dell / NetWorker
|
<19.10.0.2 | ||
|
Red Hat OpenShift Container Platform <4.12.49
Red Hat / OpenShift
|
Container Platform <4.12.49 | ||
|
Palo Alto Networks Cortex XSOAR
Palo Alto Networks
|
cpe:/a:paloaltonetworks:cortex_xsoar:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.46
Red Hat / OpenShift
|
Container Platform <4.15.46 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source docker Desktop <4.27.2
Open Source / docker
|
Desktop <4.27.2 | ||
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.14.11
Red Hat / OpenShift
|
Container Platform <4.14.11 | ||
|
Open Source docker BuildKit <0.12.5
Open Source / docker
|
BuildKit <0.12.5 | ||
|
Red Hat OpenShift Container Platform <4.11.58
Red Hat / OpenShift
|
Container Platform <4.11.58 | ||
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.74
Red Hat / OpenShift
|
Container Platform <4.12.74 | ||
|
Red Hat OpenShift Container Platform <4.13.32
Red Hat / OpenShift
|
Container Platform <4.13.32 | ||
|
Dell NetWorker <19.10.0.2
Dell / NetWorker
|
<19.10.0.2 | ||
|
Red Hat OpenShift Container Platform <4.12.49
Red Hat / OpenShift
|
Container Platform <4.12.49 | ||
|
Palo Alto Networks Cortex XSOAR
Palo Alto Networks
|
cpe:/a:paloaltonetworks:cortex_xsoar:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.46
Red Hat / OpenShift
|
Container Platform <4.15.46 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source docker Desktop <4.27.2
Open Source / docker
|
Desktop <4.27.2 | ||
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.14.11
Red Hat / OpenShift
|
Container Platform <4.14.11 | ||
|
Open Source docker BuildKit <0.12.5
Open Source / docker
|
BuildKit <0.12.5 | ||
|
Red Hat OpenShift Container Platform <4.11.58
Red Hat / OpenShift
|
Container Platform <4.11.58 | ||
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.74
Red Hat / OpenShift
|
Container Platform <4.12.74 | ||
|
Red Hat OpenShift Container Platform <4.13.32
Red Hat / OpenShift
|
Container Platform <4.13.32 | ||
|
Dell NetWorker <19.10.0.2
Dell / NetWorker
|
<19.10.0.2 | ||
|
Red Hat OpenShift Container Platform <4.12.49
Red Hat / OpenShift
|
Container Platform <4.12.49 | ||
|
Palo Alto Networks Cortex XSOAR
Palo Alto Networks
|
cpe:/a:paloaltonetworks:cortex_xsoar:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.46
Red Hat / OpenShift
|
Container Platform <4.15.46 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source docker Desktop <4.27.2
Open Source / docker
|
Desktop <4.27.2 | ||
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.14.11
Red Hat / OpenShift
|
Container Platform <4.14.11 | ||
|
Open Source docker BuildKit <0.12.5
Open Source / docker
|
BuildKit <0.12.5 | ||
|
Red Hat OpenShift Container Platform <4.11.58
Red Hat / OpenShift
|
Container Platform <4.11.58 | ||
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.74
Red Hat / OpenShift
|
Container Platform <4.12.74 | ||
|
Red Hat OpenShift Container Platform <4.13.32
Red Hat / OpenShift
|
Container Platform <4.13.32 | ||
|
Dell NetWorker <19.10.0.2
Dell / NetWorker
|
<19.10.0.2 | ||
|
Red Hat OpenShift Container Platform <4.12.49
Red Hat / OpenShift
|
Container Platform <4.12.49 | ||
|
Palo Alto Networks Cortex XSOAR
Palo Alto Networks
|
cpe:/a:paloaltonetworks:cortex_xsoar:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.46
Red Hat / OpenShift
|
Container Platform <4.15.46 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source docker Desktop <4.27.2
Open Source / docker
|
Desktop <4.27.2 | ||
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat OpenShift Container Platform <4.14.11
Red Hat / OpenShift
|
Container Platform <4.14.11 | ||
|
Open Source docker Moby <25.0.2
Open Source / docker
|
Moby <25.0.2 | ||
|
Red Hat OpenShift Container Platform <4.11.58
Red Hat / OpenShift
|
Container Platform <4.11.58 | ||
|
Broadcom Brocade SANnav <2.3.1a
Broadcom / Brocade SANnav
|
<2.3.1a | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.12.74
Red Hat / OpenShift
|
Container Platform <4.12.74 | ||
|
Red Hat OpenShift Container Platform <4.13.32
Red Hat / OpenShift
|
Container Platform <4.13.32 | ||
|
Dell NetWorker <19.10.0.2
Dell / NetWorker
|
<19.10.0.2 | ||
|
Red Hat OpenShift Container Platform <4.12.49
Red Hat / OpenShift
|
Container Platform <4.12.49 | ||
|
Palo Alto Networks Cortex XSOAR
Palo Alto Networks
|
cpe:/a:paloaltonetworks:cortex_xsoar:-
|
— | |
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
Red Hat OpenShift Container Platform <4.15.46
Red Hat / OpenShift
|
Container Platform <4.15.46 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Red Hat OpenShift Container Platform <4.13.56
Red Hat / OpenShift
|
Container Platform <4.13.56 | ||
|
SUSE openSUSE
SUSE
|
cpe:/o:suse:opensuse:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— | |
|
Open Source docker Desktop <4.27.2
Open Source / docker
|
Desktop <4.27.2 | ||
|
Red Hat OpenShift Container Platform <4.14.49
Red Hat / OpenShift
|
Container Platform <4.14.49 |
References
87 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Docker ist eine Open-Source-Software, die dazu verwendet werden kann, Anwendungen mithilfe von Betriebssystemvirtualisierung in Containern zu isolieren.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Docker ausnutzen, um seine Privilegien zu erh\u00f6hen, einen Denial-of-Service-Zustand zu verursachen, vertrauliche Informationen offenzulegen, Sicherheitsma\u00dfnahmen zu umgehen oder Dateien zu manipulieren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0272 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0272.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0272 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0272"
},
{
"category": "external",
"summary": "Docker Security Advisory vom 2024-01-31",
"url": "https://www.docker.com/blog/docker-security-advisory-multiple-vulnerabilities-in-runc-buildkit-and-moby/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0295-1 vom 2024-02-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017833.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0294-1 vom 2024-02-01",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017834.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-900DC7F6FF vom 2024-02-01",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-900dc7f6ff"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-9044C9EEFA vom 2024-02-01",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-9044c9eefa"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5615 vom 2024-02-04",
"url": "https://lists.debian.org/debian-security-announce/2024/msg00022.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0670 vom 2024-02-02",
"url": "https://access.redhat.com/errata/RHSA-2024:0670"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0670 vom 2024-02-06",
"url": "http://linux.oracle.com/errata/ELSA-2024-0670.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0328-1 vom 2024-02-05",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017865.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0717 vom 2024-02-07",
"url": "https://access.redhat.com/errata/RHSA-2024:0717"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0752 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0752"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0756 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0756"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0764 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0764"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0757 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0757"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0759 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0759"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0666 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0666"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0645 vom 2024-02-07",
"url": "https://access.redhat.com/errata/RHSA-2024:0645"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0682 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0682"
},
{
"category": "external",
"summary": "Docker Desktop release notes vom 2024-02-08",
"url": "https://docs.docker.com/desktop/release-notes/#4272"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0760 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0760"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0662 vom 2024-02-07",
"url": "https://access.redhat.com/errata/RHSA-2024:0662"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0748 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0748"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0758 vom 2024-02-08",
"url": "https://access.redhat.com/errata/RHSA-2024:0758"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0755 vom 2024-02-09",
"url": "https://access.redhat.com/errata/RHSA-2024:0755"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:0684 vom 2024-02-09",
"url": "https://access.redhat.com/errata/RHSA-2024:0684"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-17931 vom 2024-02-10",
"url": "https://linux.oracle.com/errata/ELSA-2024-17931.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-12148 vom 2024-02-10",
"url": "https://linux.oracle.com/errata/ELSA-2024-12148.html"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:0752 vom 2024-02-12",
"url": "https://errata.build.resf.org/RLSA-2024:0752"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0459-1 vom 2024-02-13",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017910.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0748 vom 2024-02-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-0748.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-0752 vom 2024-02-14",
"url": "https://linux.oracle.com/errata/ELSA-2024-0752.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3735 vom 2024-02-19",
"url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html"
},
{
"category": "external",
"summary": "Palo Alto Networks Security Advisory PAN-SA-2024-0002 vom 2024-02-22",
"url": "https://security.paloaltonetworks.com/PAN-SA-2024-0002"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0586-1 vom 2024-02-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017990.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0587-1 vom 2024-02-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-February/017989.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2023:7201 vom 2024-02-28",
"url": "https://access.redhat.com/errata/RHSA-2023:7201"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-039 vom 2024-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-039.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASDOCKER-2024-039 vom 2024-03-06",
"url": "https://alas.aws.amazon.com/AL2/ALASDOCKER-2024-039.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:1270 vom 2024-03-12",
"url": "https://access.redhat.com/errata/RHSA-2024:1270"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:0586-2 vom 2024-04-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018256.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-164 vom 2024-04-05",
"url": "https://www.dell.com/support/kbdoc/000223801/dsa-2024-="
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:1469-1 vom 2024-04-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-April/018439.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:2988 vom 2024-05-22",
"url": "https://access.redhat.com/errata/RHSA-2024:2988"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-2988 vom 2024-05-28",
"url": "https://linux.oracle.com/errata/ELSA-2024-2988.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202407-12 vom 2024-07-05",
"url": "https://security.gentoo.org/glsa/202407-12"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202407-25 vom 2024-07-10",
"url": "https://security.gentoo.org/glsa/202407-25"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162077 vom 2024-07-31",
"url": "https://www.ibm.com/support/pages/node/7162077"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2801-1 vom 2024-08-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019134.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:2801-2 vom 2024-08-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-August/019136.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202408-25 vom 2024-08-11",
"url": "https://security.gentoo.org/glsa/202408-25"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASDOCKER-2024-044 vom 2024-08-29",
"url": "https://alas.aws.amazon.com/AL2/ALASDOCKER-2024-044.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASNITRO-ENCLAVES-2024-045 vom 2024-08-29",
"url": "https://alas.aws.amazon.com/AL2/ALASNITRO-ENCLAVES-2024-045.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3120-1 vom 2024-09-03",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019345.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASECS-2024-041 vom 2024-09-03",
"url": "https://alas.aws.amazon.com/AL2/ALASECS-2024-041.html"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202409-29 vom 2024-09-28",
"url": "https://security.gentoo.org/glsa/202409-29"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2024-0282083260 vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-0282083260"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-1CAB90A9E7 vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-1cab90a9e7"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-28E375F8CA vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-28e375f8ca"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-1068D5C32B vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-1068d5c32b"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-AFA796A751 vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-afa796a751"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-EE9F0F22B6 vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-ee9f0f22b6"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2024-69528C0BA6 vom 2024-10-19",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-69528c0ba6"
},
{
"category": "external",
"summary": "Brocade Security Advisory BSA-2024-2749 vom 2024-11-02",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25074"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10147 vom 2024-11-27",
"url": "https://access.redhat.com/errata/RHSA-2024:10149"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10520 vom 2024-12-03",
"url": "https://access.redhat.com/errata/RHSA-2024:10520"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10525 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10525"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10841 vom 2024-12-12",
"url": "https://access.redhat.com/errata/RHSA-2024:10841"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14571-1 vom 2024-12-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/6XZ7QNLFOMP7ZODQGCLQFRNRPEWZELNY/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0115 vom 2025-01-14",
"url": "https://access.redhat.com/errata/RHSA-2025:0115"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0226-1 vom 2025-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020191.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0650 vom 2025-01-29",
"url": "https://access.redhat.com/errata/RHSA-2025:0650"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0074-1 vom 2025-02-24",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/MFFSKUX256PEK52RLQGT33MIN3ZQO27D/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1711 vom 2025-02-27",
"url": "https://access.redhat.com/errata/RHSA-2025:1711"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2441 vom 2025-03-13",
"url": "https://access.redhat.com/errata/RHSA-2025:2441"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2710 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2710"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2701 vom 2025-03-20",
"url": "https://access.redhat.com/errata/RHSA-2025:2701"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1102-1 vom 2025-04-02",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020639.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7474-1 vom 2025-05-01",
"url": "https://ubuntu.com/security/notices/USN-7474-1"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20107-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021214.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:20056-1 vom 2025-06-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021311.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9340 vom 2025-06-23",
"url": "https://access.redhat.com/errata/RHSA-2025:9340"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:11749 vom 2025-07-24",
"url": "https://access.redhat.com/errata/RHSA-2025:11749"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15589-1 vom 2025-10-01",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EIIL6ZDECMHZ2FPMF2NB3HCD4ICR42KQ/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03540-1 vom 2025-10-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-October/022826.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03545-1 vom 2025-10-13",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UB7MGNRMXC5LO5Y66FLOE354VVU5ULQK/"
}
],
"source_lang": "en-US",
"title": "docker: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-12T22:00:00.000+00:00",
"generator": {
"date": "2025-10-13T09:29:58.824+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2024-0272",
"initial_release_date": "2024-01-31T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-01-31T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-02-01T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-02-04T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian und Red Hat aufgenommen"
},
{
"date": "2024-02-05T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux und SUSE aufgenommen"
},
{
"date": "2024-02-07T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-08T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-02-11T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-02-12T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-02-13T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-02-14T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-02-18T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2024-02-21T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Palo Alto Networks aufgenommen"
},
{
"date": "2024-02-22T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-02-27T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-03-05T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE und Dell aufgenommen"
},
{
"date": "2024-04-29T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-05-21T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-05-28T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-07-04T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-07-09T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-07-31T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-06T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-07T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-08-11T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-08-29T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-09-03T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von SUSE und Amazon aufgenommen"
},
{
"date": "2024-09-29T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-10-20T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2024-11-03T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von BROCADE aufgenommen"
},
{
"date": "2024-11-26T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-03T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-04T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-11T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-01-13T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-01-28T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-24T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-02-26T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-19T23:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-02T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-05-01T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-06-22T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-24T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-10-12T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "51"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c2.3.1a",
"product": {
"name": "Broadcom Brocade SANnav \u003c2.3.1a",
"product_id": "T038317"
}
},
{
"category": "product_version",
"name": "2.3.1a",
"product": {
"name": "Broadcom Brocade SANnav 2.3.1a",
"product_id": "T038317-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:broadcom:brocade_sannav:2.3.1a"
}
}
}
],
"category": "product_name",
"name": "Brocade SANnav"
}
],
"category": "vendor",
"name": "Broadcom"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.10.0.2",
"product": {
"name": "Dell NetWorker \u003c19.10.0.2",
"product_id": "T033910"
}
},
{
"category": "product_version",
"name": "19.10.0.2",
"product": {
"name": "Dell NetWorker 19.10.0.2",
"product_id": "T033910-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:19.10.0.2"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "runc \u003c1.1.12",
"product": {
"name": "Open Source docker runc \u003c1.1.12",
"product_id": "T032453"
}
},
{
"category": "product_version",
"name": "runc 1.1.12",
"product": {
"name": "Open Source docker runc 1.1.12",
"product_id": "T032453-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:docker:docker:runc__1.1.12"
}
}
},
{
"category": "product_version_range",
"name": "BuildKit \u003c0.12.5",
"product": {
"name": "Open Source docker BuildKit \u003c0.12.5",
"product_id": "T032454"
}
},
{
"category": "product_version",
"name": "BuildKit 0.12.5",
"product": {
"name": "Open Source docker BuildKit 0.12.5",
"product_id": "T032454-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:docker:docker:buildkit__0.12.5"
}
}
},
{
"category": "product_version_range",
"name": "Moby \u003c25.0.2",
"product": {
"name": "Open Source docker Moby \u003c25.0.2",
"product_id": "T032455"
}
},
{
"category": "product_version",
"name": "Moby 25.0.2",
"product": {
"name": "Open Source docker Moby 25.0.2",
"product_id": "T032455-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:docker:docker:moby__25.0.2"
}
}
},
{
"category": "product_version_range",
"name": "Moby \u003c24.0.9",
"product": {
"name": "Open Source docker Moby \u003c24.0.9",
"product_id": "T032456"
}
},
{
"category": "product_version",
"name": "Moby 24.0.9",
"product": {
"name": "Open Source docker Moby 24.0.9",
"product_id": "T032456-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:docker:docker:moby__24.0.9"
}
}
},
{
"category": "product_version_range",
"name": "Desktop \u003c4.27.1",
"product": {
"name": "Open Source docker Desktop \u003c4.27.1",
"product_id": "T032457"
}
},
{
"category": "product_version",
"name": "Desktop 4.27.1",
"product": {
"name": "Open Source docker Desktop 4.27.1",
"product_id": "T032457-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:docker:docker:desktop__4.27.1"
}
}
},
{
"category": "product_version_range",
"name": "Desktop \u003c4.27.2",
"product": {
"name": "Open Source docker Desktop \u003c4.27.2",
"product_id": "T032605"
}
},
{
"category": "product_version",
"name": "Desktop 4.27.2",
"product": {
"name": "Open Source docker Desktop 4.27.2",
"product_id": "T032605-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:docker:docker:desktop__4.27.2"
}
}
}
],
"category": "product_name",
"name": "docker"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Palo Alto Networks Cortex XSOAR",
"product": {
"name": "Palo Alto Networks Cortex XSOAR",
"product_id": "T033043",
"product_identification_helper": {
"cpe": "cpe:/a:paloaltonetworks:cortex_xsoar:-"
}
}
}
],
"category": "vendor",
"name": "Palo Alto Networks"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.11",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.11",
"product_id": "T032600"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.11",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.11",
"product_id": "T032600-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.11"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.13.32",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.13.32",
"product_id": "T032601"
}
},
{
"category": "product_version",
"name": "Container Platform 4.13.32",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13.32",
"product_id": "T032601-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.13.32"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.49",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.49",
"product_id": "T032602"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.49",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.49",
"product_id": "T032602-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.49"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.11.58",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.11.58",
"product_id": "T032603"
}
},
{
"category": "product_version",
"name": "Container Platform 4.11.58",
"product": {
"name": "Red Hat OpenShift Container Platform 4.11.58",
"product_id": "T032603-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.11.58"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.15.46",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.15.46",
"product_id": "T041462"
}
},
{
"category": "product_version",
"name": "Container Platform 4.15.46",
"product": {
"name": "Red Hat OpenShift Container Platform 4.15.46",
"product_id": "T041462-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.15.46"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.12.74",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.12.74",
"product_id": "T041814"
}
},
{
"category": "product_version",
"name": "Container Platform 4.12.74",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12.74",
"product_id": "T041814-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.12.74"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.13.56",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.13.56",
"product_id": "T042009"
}
},
{
"category": "product_version",
"name": "Container Platform 4.13.56",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13.56",
"product_id": "T042009-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.13.56"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.14.49",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.14.49",
"product_id": "T042010"
}
},
{
"category": "product_version",
"name": "Container Platform 4.14.49",
"product": {
"name": "Red Hat OpenShift Container Platform 4.14.49",
"product_id": "T042010-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.14.49"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21626",
"product_status": {
"known_affected": [
"T032600",
"T032603",
"T038317",
"67646",
"T041814",
"T032601",
"T033910",
"T032602",
"T033043",
"T012167",
"T004914",
"T032255",
"T032453",
"74185",
"T041462",
"2951",
"T002207",
"T000126",
"T042009",
"T027843",
"398363",
"T032605",
"T042010"
]
},
"release_date": "2024-01-31T23:00:00.000+00:00",
"title": "CVE-2024-21626"
},
{
"cve": "CVE-2024-23651",
"product_status": {
"known_affected": [
"T032600",
"T032454",
"T032603",
"T038317",
"67646",
"T041814",
"T032601",
"T033910",
"T032602",
"T033043",
"T012167",
"T004914",
"T032255",
"74185",
"T041462",
"2951",
"T002207",
"T000126",
"T042009",
"T027843",
"398363",
"T032605",
"T042010"
]
},
"release_date": "2024-01-31T23:00:00.000+00:00",
"title": "CVE-2024-23651"
},
{
"cve": "CVE-2024-23652",
"product_status": {
"known_affected": [
"T032600",
"T032454",
"T032603",
"T038317",
"67646",
"T041814",
"T032601",
"T033910",
"T032602",
"T033043",
"T012167",
"T004914",
"T032255",
"74185",
"T041462",
"2951",
"T002207",
"T000126",
"T042009",
"T027843",
"398363",
"T032605",
"T042010"
]
},
"release_date": "2024-01-31T23:00:00.000+00:00",
"title": "CVE-2024-23652"
},
{
"cve": "CVE-2024-23653",
"product_status": {
"known_affected": [
"T032600",
"T032454",
"T032603",
"T038317",
"67646",
"T041814",
"T032601",
"T033910",
"T032602",
"T033043",
"T012167",
"T004914",
"T032255",
"74185",
"T041462",
"2951",
"T002207",
"T000126",
"T042009",
"T027843",
"398363",
"T032605",
"T042010"
]
},
"release_date": "2024-01-31T23:00:00.000+00:00",
"title": "CVE-2024-23653"
},
{
"cve": "CVE-2024-23650",
"product_status": {
"known_affected": [
"T032600",
"T032454",
"T032603",
"T038317",
"67646",
"T041814",
"T032601",
"T033910",
"T032602",
"T033043",
"T012167",
"T004914",
"T032255",
"74185",
"T041462",
"2951",
"T002207",
"T000126",
"T042009",
"T027843",
"398363",
"T032605",
"T042010"
]
},
"release_date": "2024-01-31T23:00:00.000+00:00",
"title": "CVE-2024-23650"
},
{
"cve": "CVE-2024-24557",
"product_status": {
"known_affected": [
"T032600",
"T032455",
"T032603",
"T038317",
"67646",
"T041814",
"T032601",
"T033910",
"T032602",
"T033043",
"T012167",
"T004914",
"T032255",
"74185",
"T041462",
"2951",
"T002207",
"T000126",
"T042009",
"T027843",
"398363",
"T032605",
"T042010"
]
},
"release_date": "2024-01-31T23:00:00.000+00:00",
"title": "CVE-2024-24557"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…