An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
oryginał ENCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NMobyproject Moby
APPMobyproject< 17.06.0
Powiązane podatności
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 2...
moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to tr...
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Co...
Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 2...
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mira...