Vulnerability Report: GO-2024-3005

  • CVE-2024-41110
  • Affects: github.com/moby/moby, github.com/docker/docker
  • Published: Jul 29, 2024

Moby authz zero length regression in github.com/moby/moby

For detailed information about this vulnerability, visit https://nvd.nist.gov/vuln/detail/CVE-2024-41110.

Affected Packages

  • Path
    Go Versions
    Custom Versions*
    Symbols
  • github.com/moby/moby/pkg/authorization
    from v20.10.0+incompatible before v25.0.6+incompatible, from v26.0.0+incompatible before v26.1.5+incompatible, from v27.0.0+incompatible before v27.1.1+incompatible
    from 19.0.0 before 19.03.16, from 23.0.0 before 23.0.15, from 24.0.0 before 24.0.10, from 20.0.0 before 20.10.28, from 25.0.0 before 25.0.6, from 26.0.0 before 26.0.3, from 26.1.0 before 26.1.15, from 27.0.0 before 27.0.4, from 27.1.0 before 27.1.1
  • github.com/docker/docker/pkg/authorization
    from v20.10.0+incompatible before v25.0.6+incompatible, from v26.0.0+incompatible before v26.1.5+incompatible, from v27.0.0+incompatible before v27.1.1+incompatible
    from 19.0.0 before 19.03.16, from 23.0.0 before 23.0.15, from 24.0.0 before 24.0.10, from 20.0.0 before 20.10.28, from 25.0.0 before 25.0.6, from 26.0.0 before 26.0.3, from 26.1.0 before 26.1.15, from 27.0.0 before 27.0.4, from 27.1.0 before 27.1.1

*Custom versions, which can't be mapped automatically to standard Go module versions, are ignored by govulncheck. (See this note on versions for more details.)

Aliases

References

Feedback

See anything missing or incorrect? Suggest an edit to this report.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.