You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2024 29018
About this tag
CVE-2024-29018 is a security vulnerability affecting the Moby container stack, including components like moby-engine, moby-cli, BuildKit, and runc. Microsoft has publicly attested that Azure Linux (CBL-Mariner) includes the affected open-source library and is potentially impacted. However, this attestation does not guarantee that other Microsoft products are unaffected, as multiple product families may ship or depend on the same vulnerable components. Discussions on WindowsForum focus on the scope of Microsoft's disclosure and the practical implications for Azure Linux customers, emphasizing the need for thorough inventory checks across all Microsoft products that rely on the Moby container stack.
Microsoft’s attestation that “Azure Linux includes this open‑source library and is therefore potentially affected” is an authoritative, product‑level statement — but it is not a blanket guarantee that no other Microsoft product contains the same open‑source component. Azure Linux (the...