Affected by GO-2022-0390
and 6 other vulnerabilities
GO-2022-0390: Moby (Docker Engine) started with non-empty inheritable Linux process capabilities in github.com/docker/docker
GO-2022-0985: Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
GO-2022-1107: Container build can leak any path on the host into the container in github.com/docker/docker
GO-2023-1699: Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker
GO-2023-1700: Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker
GO-2023-1701: Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker
GO-2024-2914: Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsing in github.com/docker/docker
type Backend interface {
// Build builds a Docker image referenced by an imageID string.//// Note: Tagging an image should not be done by a Builder, it should instead be done// by the caller.//// TODO: make this return a reference instead of string
BuildFromContext(ctx context.Context, src io.ReadCloser, remote string, buildOptions *types.ImageBuildOptions, pg backend.ProgressWriter) (string, error)
}
Backend abstracts an image builder whose only purpose is to build an image referenced by an imageID.