{"data":{"id":"1606368d-2eee-4542-ae39-f6c7331f0712","title":"CVE-2024-29018: Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distribut","summary":"Moby (the container framework underlying Docker) has a bug in how it handles DNS requests from internal networks (networks isolated from external communication). When a container on an internal network needs to resolve a domain name, Moby forwards the request through the host's network namespace instead of the container's own network, which can leak data to external servers that an attacker controls. Docker Desktop is not affected by this issue.","solution":"Moby releases 26.0.0, 25.0.4, and 23.0.11 are patched to prevent forwarding any DNS requests from internal networks. As a workaround, run containers intended to be solely attached to internal networks with a custom upstream address, which will force all upstream DNS queries to be resolved from the container's network namespace.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2024-29018","publishedAt":"2024-03-21T01:15:31.113Z","cveId":"CVE-2024-29018","cweIds":["CWE-669","CWE-669"],"cvssScore":"5.9","cvssSeverity":"medium","severity":"medium","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Docker","Moby"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00264,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.72,"researchCategory":null,"atlasIds":null}}