/
DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2024-36620

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2024-36620

CGA ID

CGA-gjcj-qxmx-h4w3

Severity

6.5

Medium

CVSS V3

Description

moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.

References

  • https://images.chainguard.dev/security/CGA-gjcj-qxmx-h4w3
  • https://github.com/advisories/GHSA-q59j-vv4j-v33c
  • https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4
  • https://gist.github.com/1047524396/f08816669701ab478a265a811d2c89b2
  • https://github.com/moby/moby/blob/v26.0.2/daemon/images/image_history.go#L48

Affected packages

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation