{"id":"MGASA-2023-0009","summary":"Updated docker packages fix security vulnerability","details":"Server side request forgery (CVE-2022-29153)\n\nBypass primary group restrictions due to a flaw in the supplementary group\naccess setup (CVE-2022-36109)\n\nImported Nodes/Services Information leak in moby-engine. (CVE-2022-3920)\n","modified":"2026-02-04T04:41:05.387295Z","published":"2023-01-24T07:58:24Z","related":["CVE-2022-29153","CVE-2022-36109","CVE-2022-3920"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0009.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30834"},{"type":"REPORT","url":"https://docs.docker.com/engine/release-notes/#201018"},{"type":"REPORT","url":"https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RQQ4E3JBXVR3VK5FIZVJ3QS2TAOOXXTQ/"},{"type":"REPORT","url":"https://docs.docker.com/engine/release-notes/#201020"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/VFYXCTLOSESYIP72BUYD6ECDIMUM4WMB/"},{"type":"REPORT","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/RBODKZL7HQE5XXS3SA2VIDVL4LAA5RWH/"}],"affected":[{"package":{"name":"docker","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/docker?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20.10.22-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0009.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}