CISA Activity - Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

  • Welcome to ITBible, we're your #1 resource for enterprise or homelab IT problems (or just a place to show off your stuff).


Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the advisories from Moby BuildKit (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653) and OCI runc (CVE-2024-21626), as well as the Snyk blog post about these vulnerabilities and apply the necessary updates.

Continue reading...