all InfoSec news
Severe Vulnerabilities in Moby BuildKit and OCI runc: CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding Moby and the Open Container Initiative (OCI) security updates that fix multiple vulnerabilities. The vulnerabilities affect Docker-related components, including Moby BuildKit and OCI runc, and encompass a range of high-severity and critical issues.
The Moby Project (GitHub)
“BuildKit,” developed by Moby, serves as a toolkit designed to efficiently transform source code into build artifacts, while OCI runc functions as a Command-Line Interface (CLI) tool dedicated …
agency alert buildkit cisa components container critical cve cybersecurity docker fix high infrastructure infrastructure security initiative oci project runc security security updates severity updates vulnerabilities