Usage subject to Terms and Conditions

Read the original article at https://www.cisa.gov/news-events/alerts/2024/02/01/moby-and-open-container-initiative-release-critical-updates-multiple-vulnerabilities-affecting

Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the advisories from Moby BuildKit (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653) and OCI runc (CVE-2024-21626), as well as the Snyk blog post about these vulnerabilities and apply the necessary updates.

Read the original article at https://www.cisa.gov/news-events/alerts/2024/02/01/moby-and-open-container-initiative-release-critical-updates-multiple-vulnerabilities-affecting