Merge pull request #56 from ginglis13/docker-brsa

advisories: stage docker-engine CVE-2024-41110
bottlerocket-os · Jul 31, 2024 · 7ee6ca6 · 7ee6ca6
2 parents 8d3f2fd + c3483a8
commit 7ee6ca6
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/advisories/staging/BRSA-eve2oc0u.toml b/advisories/staging/BRSA-eve2oc0u.toml
@@ -0,0 +1,16 @@
+[advisory]
+id = "BRSA-eve2oc0u"
+title = "docker-engine CVE-2024-41110"
+cve = "CVE-2024-41110"
+severity = "high"
+description = "A flaw was found in certain versions of Docker engine which could allow a specially-crafted API request to bypass authorization plugins under specific circumstances."
+
+[[advisory.products]]
+package-name = "docker-engine"
+patched-version = "25.0.6"
+
+[updateinfo]
+author = "giinglis"
+issue-date = 2024-07-29T17:13:52Z
+arches = ["aarch64", "x86_64"]
+version = "staging"