Vulnerability-Lookup

CVE-2019-14271 (GCVE-0-2019-14271)

Vulnerability from cvelistv5 – Published: 2019-07-29 17:05 – Updated: 2024-08-05 00:12

Summary

In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

6 references

URL	Tags
https://github.com/moby/moby/issues/39449	x_refsource_MISC
https://docs.docker.com/engine/release-notes/	x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-2019082…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://www.debian.org/security/2019/dsa-4521	vendor-advisoryx_refsource_DEBIAN
https://seclists.org/bugtraq/2019/Sep/21	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T00:12:43.386Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/moby/moby/issues/39449"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://docs.docker.com/engine/release-notes/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"
          },
          {
            "name": "openSUSE-SU-2019:2021",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
          },
          {
            "name": "DSA-4521",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2019/dsa-4521"
          },
          {
            "name": "20190910 [SECURITY] [DSA 4521-1] docker.io security update",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "https://seclists.org/bugtraq/2019/Sep/21"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-09-10T17:06:14.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/moby/moby/issues/39449"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://docs.docker.com/engine/release-notes/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"
        },
        {
          "name": "openSUSE-SU-2019:2021",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
        },
        {
          "name": "DSA-4521",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2019/dsa-4521"
        },
        {
          "name": "20190910 [SECURITY] [DSA 4521-1] docker.io security update",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "https://seclists.org/bugtraq/2019/Sep/21"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2019-14271",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/moby/moby/issues/39449",
              "refsource": "MISC",
              "url": "https://github.com/moby/moby/issues/39449"
            },
            {
              "name": "https://docs.docker.com/engine/release-notes/",
              "refsource": "CONFIRM",
              "url": "https://docs.docker.com/engine/release-notes/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20190828-0003/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20190828-0003/"
            },
            {
              "name": "openSUSE-SU-2019:2021",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html"
            },
            {
              "name": "DSA-4521",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2019/dsa-4521"
            },
            {
              "name": "20190910 [SECURITY] [DSA 4521-1] docker.io security update",
              "refsource": "BUGTRAQ",
              "url": "https://seclists.org/bugtraq/2019/Sep/21"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2019-14271",
    "datePublished": "2019-07-29T17:05:57.000Z",
    "dateReserved": "2019-07-25T00:00:00.000Z",
    "dateUpdated": "2024-08-05T00:12:43.386Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2019-14271",
      "date": "2026-06-04",
      "epss": "0.71918",
      "percentile": "0.98762"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2019-14271\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-07-29T18:15:11.223\",\"lastModified\":\"2024-11-21T04:26:20.413\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.\"},{\"lang\":\"es\",\"value\":\"En Docker versi\u00f3n 19.03.x anterior a 19.03.1, vinculado contra la Biblioteca C de GNU (tambi\u00e9n se conoce como glibc), la inyecci\u00f3n de c\u00f3digo puede ocurrir cuando la facilidad nsswitch carga din\u00e1micamente una biblioteca dentro de un chroot que alberga el contenido del contenedor.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-665\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"19.03\",\"versionEndExcluding\":\"19.03.1\",\"matchCriteriaId\":\"1111FA5B-3A01-4E9C-82D7-541F27321288\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1E78106-58E6-4D59-990F-75DA575BFAD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://docs.docker.com/engine/release-notes/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/moby/moby/issues/39449\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/21\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190828-0003/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4521\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00084.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://docs.docker.com/engine/release-notes/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/moby/moby/issues/39449\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Sep/21\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190828-0003/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4521\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
  }
}

BDU:2019-03640

Vulnerability from fstec - Published: 03.09.2019

Title

Уязвимость средства автоматизации развёртывания и управления приложениями в средах с поддержкой контейнеризации Docker, связанная с ошибками управления генерацией кода, позволяющая нарушителю оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании

Description

Уязвимость средства автоматизации развёртывания и управления приложениями в средах с поддержкой контейнеризации Docker связана с ошибками управления генерацией кода при динамической загрузке библиотек. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать воздействие на целостность данных, получить несанкционированный доступ к защищаемой информации, а также вызвать отказ в обслуживании

Severity


                    
                      AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vendor

Сообщество свободного программного обеспечения, Docker Inc., АО «Концерн ВНИИНС»

Software Name

Debian GNU/Linux, Docker, ОС ОН «Стрелец» (запись в едином реестре российских программ №6177)

Software Version

10 (Debian GNU/Linux), от 193 до 193.1 (Docker), до 16.01.2023 (ОС ОН «Стрелец»)

Possible Mitigations

Для docker.io: https://docs.docker.com/engine/release-notes/ Для Debian: Обновление программного обеспечения (пакета docker.io) до 18.09.1+dfsg1-7.1+deb10u1 или более поздней версии Для ОС ОН «Стрелец»: Обновление программного обеспечения docker.io до версии 18.09.1+dfsg1-7.1+deb10u3.osnova5

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-14271 https://security-tracker.debian.org/tracker/CVE-2019-14271 https://docs.docker.com/engine/release-notes/ https://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023

CWE

CWE-94

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Docker Inc., \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "10 (Debian GNU/Linux), \u043e\u0442 193 \u0434\u043e 193.1 (Docker), \u0434\u043e 16.01.2023 (\u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0414\u043b\u044f docker.io:\nhttps://docs.docker.com/engine/release-notes/\n\n\u0414\u043b\u044f Debian:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f (\u043f\u0430\u043a\u0435\u0442\u0430 docker.io) \u0434\u043e 18.09.1+dfsg1-7.1+deb10u1 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438\n\n\u0414\u043b\u044f \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb:\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f docker.io \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 18.09.1+dfsg1-7.1+deb10u3.osnova5",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.09.2019",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "21.11.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "16.10.2019",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2019-03640",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-14271",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Docker, \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 10 , \u0410\u041e \u00ab\u041a\u043e\u043d\u0446\u0435\u0440\u043d \u0412\u041d\u0418\u0418\u041d\u0421\u00bb \u041e\u0421 \u041e\u041d \u00ab\u0421\u0442\u0440\u0435\u043b\u0435\u0446\u00bb \u0434\u043e 16.01.2023  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21166177)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u0438 Docker, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u0432\u0435\u0440\u043d\u043e\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430 (\u0412\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430) (CWE-94)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0440\u0430\u0437\u0432\u0451\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u0432 \u0441\u0440\u0435\u0434\u0430\u0445 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0438\u0437\u0430\u0446\u0438\u0438 Docker \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u0434\u0438\u043d\u0430\u043c\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0435 \u043d\u0430 \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0437\u0430\u0449\u0438\u0449\u0430\u0435\u043c\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u043d\u044a\u0435\u043a\u0446\u0438\u044f",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271\nhttps://security-tracker.debian.org/tracker/CVE-2019-14271\nhttps://docs.docker.com/engine/release-notes/\nhttps://strelets.net/patchi-i-obnovleniya-bezopasnosti#16012023",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041f\u041e \u0434\u043b\u044f \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0418\u0418",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-94",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 10)\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,8)"
}

cleanstart-2026-bk59402

Vulnerability from cleanstart

Published

2026-01-30 14:00

Modified

2026-01-29 18:58

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-BK59402",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T14:00:20.262469Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BK59402"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

cleanstart-2026-bn11148

Vulnerability from cleanstart

Published

2026-01-30 16:54

Modified

2026-01-29 18:58

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-BN11148",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T16:54:56.412220Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BN11148"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

cleanstart-2026-gy69323

Vulnerability from cleanstart

Published

2026-01-30 14:00

Modified

2026-01-29 18:58

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-GY69323",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T14:00:20.037168Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GY69323"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

cleanstart-2026-hi89495

Vulnerability from cleanstart

Published

2026-05-18 13:55

Modified

2026-05-02 08:06

Summary

Security fixes for CVE-2019-13509, CVE-2019-14271, CVE-2020-13401, CVE-2021-21285, CVE-2021-41089, CVE-2022-29526, CVE-2023-26054, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-24557, CVE-2024-41110, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33748, CVE-2026-33810, CVE-2026-39882, CVE-2026-39883, CVE-2026-39984, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-78h2-9frx-2jm8, ghsa-hfvc-g4fc-pqhx, ghsa-w8rr-5gcm-pp58, ghsa-xm5m-wgh2-rrg3, ghsa-xmrv-pmrh-hhx2 applied in versions: 18.09.7-r0, 18.09.8-r0, 19.03.1-r0, 19.03.11-r0, 19.03.14-r0, 20.10.11-r0, 20.10.14-r0, 20.10.16-r0, 20.10.18-r0, 20.10.20-r0, 20.10.3-r0, 20.10.9-r0, 23.0.2-r0, 23.0.3-r0, 25.0.2-r0, 26.0.0-r0, 26.0.2-r0, 26.1.5-r0, 29.3.0-r1

Details

Multiple security vulnerabilities affect the docker package. These issues are resolved in later releases. See references for individual vulnerability details.

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://osv.dev/vulnerability/CVE-2026-27143	WEB
	https://osv.dev/vulnerability/CVE-2026-27144	WEB
	https://osv.dev/vulnerability/CVE-2026-32280	WEB
	https://osv.dev/vulnerability/CVE-2026-32281	WEB
	https://osv.dev/vulnerability/CVE-2026-32282	WEB
	https://osv.dev/vulnerability/CVE-2026-32283	WEB
	https://osv.dev/vulnerability/CVE-2026-32289	WEB
	https://osv.dev/vulnerability/CVE-2026-33748	WEB
	https://osv.dev/vulnerability/CVE-2026-33810	WEB
	https://osv.dev/vulnerability/CVE-2026-39882	WEB
	https://osv.dev/vulnerability/CVE-2026-39883	WEB
	https://osv.dev/vulnerability/CVE-2026-39984	WEB
	https://osv.dev/vulnerability/ghsa-4c29-8rgm-jvjj	WEB
	https://osv.dev/vulnerability/ghsa-4vrq-3vrq-g6gg	WEB
	https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8	WEB
	https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx	WEB
	https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58	WEB
	https://osv.dev/vulnerability/ghsa-xm5m-wgh2-rrg3	WEB
	https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27143	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-27144	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-32280	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-32281	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-32282	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-32283	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-32289	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33748	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-33810	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39882	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39883	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2026-39984	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "29.3.0-r1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker package. These issues are resolved in later releases. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-HI89495",
  "modified": "2026-05-02T08:06:38Z",
  "published": "2026-05-18T13:55:36.297138Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HI89495.json"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27143"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-27144"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-32280"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-32281"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-32282"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-32283"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-32289"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33748"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-33810"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39882"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39883"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2026-39984"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-4c29-8rgm-jvjj"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-4vrq-3vrq-g6gg"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xm5m-wgh2-rrg3"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27143"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27144"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39984"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "summary": "Security fixes for CVE-2019-13509, CVE-2019-14271, CVE-2020-13401, CVE-2021-21285, CVE-2021-41089, CVE-2022-29526, CVE-2023-26054, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-24557, CVE-2024-41110, CVE-2026-27143, CVE-2026-27144, CVE-2026-32280, CVE-2026-32281, CVE-2026-32282, CVE-2026-32283, CVE-2026-32289, CVE-2026-33748, CVE-2026-33810, CVE-2026-39882, CVE-2026-39883, CVE-2026-39984, ghsa-4c29-8rgm-jvjj, ghsa-4vrq-3vrq-g6gg, ghsa-78h2-9frx-2jm8, ghsa-hfvc-g4fc-pqhx, ghsa-w8rr-5gcm-pp58, ghsa-xm5m-wgh2-rrg3, ghsa-xmrv-pmrh-hhx2 applied in versions: 18.09.7-r0, 18.09.8-r0, 19.03.1-r0, 19.03.11-r0, 19.03.14-r0, 20.10.11-r0, 20.10.14-r0, 20.10.16-r0, 20.10.18-r0, 20.10.20-r0, 20.10.3-r0, 20.10.9-r0, 23.0.2-r0, 23.0.3-r0, 25.0.2-r0, 26.0.0-r0, 26.0.2-r0, 26.1.5-r0, 29.3.0-r1",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110",
    "CVE-2026-27143",
    "CVE-2026-27144",
    "CVE-2026-32280",
    "CVE-2026-32281",
    "CVE-2026-32282",
    "CVE-2026-32283",
    "CVE-2026-32289",
    "CVE-2026-33748",
    "CVE-2026-33810",
    "CVE-2026-39882",
    "CVE-2026-39883",
    "CVE-2026-39984",
    "ghsa-4c29-8rgm-jvjj",
    "ghsa-4vrq-3vrq-g6gg",
    "ghsa-78h2-9frx-2jm8",
    "ghsa-hfvc-g4fc-pqhx",
    "ghsa-w8rr-5gcm-pp58",
    "ghsa-xm5m-wgh2-rrg3",
    "ghsa-xmrv-pmrh-hhx2"
  ]
}

cleanstart-2026-hl71566

Vulnerability from cleanstart

Published

2026-01-30 16:50

Modified

2026-01-29 18:58

Summary

excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate

Details

Multiple security vulnerabilities affect the docker-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://osv.dev/vulnerability/CVE-2025-61727	WEB
	https://osv.dev/vulnerability/CVE-2025-61729	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61727	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2025-61729	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "28.4.0-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-HL71566",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T16:50:56.129322Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HL71566"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2025-61729"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110",
    "CVE-2025-61727",
    "CVE-2025-61729"
  ]
}

cleanstart-2026-jd48541

Vulnerability from cleanstart

Published

2026-01-30 16:52

Modified

2026-01-29 18:58

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-JD48541",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T16:52:56.596548Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JD48541"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

cleanstart-2026-os18490

Vulnerability from cleanstart

Published

2026-01-30 16:58

Modified

2026-01-29 18:58

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-OS18490",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T16:58:26.304466Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OS18490"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

cleanstart-2026-sb85645

Vulnerability from cleanstart

Published

2026-01-30 17:00

Modified

2026-01-29 18:58

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker-fips"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-SB85645",
  "modified": "2026-01-29T18:58:54Z",
  "published": "2026-01-30T17:00:56.485426Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SB85645"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

cleanstart-2026-sp51034

Vulnerability from cleanstart

Published

2026-02-06 00:52

Modified

2026-02-03 13:35

Summary

Moby is an open-source project created by Docker for software containerization

Details

Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.

Severity

9.8 (Critical)


                    
                      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

URL

Type

	https://github.com/cleanstart-dev/cleanstart-secu…	ADVISORY
	https://osv.dev/vulnerability/CVE-2019-13509	WEB
	https://osv.dev/vulnerability/CVE-2019-14271	WEB
	https://osv.dev/vulnerability/CVE-2020-13401	WEB
	https://osv.dev/vulnerability/CVE-2021-21285	WEB
	https://osv.dev/vulnerability/CVE-2021-41089	WEB
	https://osv.dev/vulnerability/CVE-2022-29526	WEB
	https://osv.dev/vulnerability/CVE-2023-26054	WEB
	https://osv.dev/vulnerability/CVE-2024-23650	WEB
	https://osv.dev/vulnerability/CVE-2024-23651	WEB
	https://osv.dev/vulnerability/CVE-2024-23652	WEB
	https://osv.dev/vulnerability/CVE-2024-23653	WEB
	https://osv.dev/vulnerability/CVE-2024-24557	WEB
	https://osv.dev/vulnerability/CVE-2024-41110	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-13509	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2019-14271	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2020-13401	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-21285	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2021-41089	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2022-29526	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2023-26054	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23650	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23651	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23652	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-23653	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-24557	WEB
	https://nvd.nist.gov/vuln/detail/CVE-2024-41110	WEB

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "CleanStart",
        "name": "docker"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "26.1.5-r0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "credits": [],
  "database_specific": {},
  "details": "Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details.",
  "id": "CLEANSTART-2026-SP51034",
  "modified": "2026-02-03T13:35:45Z",
  "published": "2026-02-06T00:52:59.619100Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SP51034"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://osv.dev/vulnerability/CVE-2024-41110"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
    },
    {
      "type": "WEB",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
    }
  ],
  "related": [],
  "schema_version": "1.7.3",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Moby is an open-source project created by Docker for software containerization",
  "upstream": [
    "CVE-2019-13509",
    "CVE-2019-14271",
    "CVE-2020-13401",
    "CVE-2021-21285",
    "CVE-2021-41089",
    "CVE-2022-29526",
    "CVE-2023-26054",
    "CVE-2024-23650",
    "CVE-2024-23651",
    "CVE-2024-23652",
    "CVE-2024-23653",
    "CVE-2024-24557",
    "CVE-2024-41110"
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2019-14271 (GCVE-0-2019-14271)

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Vulnerability from cleanstart

Tags

Sightings

Nomenclature