CVE-2024-36620: moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
0.0
CVSS
Description
moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
Classification
CVE ID: CVE-2024-36620
CVSS Base Severity: LOW
CVSS Base Score: 0.0
Affected Products
Vendor: n/a
Product: n/a
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.05% (probability of being exploited)
EPSS Percentile: 17.81% (scored less or equal to compared to others)
EPSS Date: 2025-02-03 (when was this score calculated)
References
https://github.com/moby/moby/commit/ab570ab3d62038b3d26f96a9bb585d0b6095b9b4https://github.com/moby/moby/blob/v26.0.2/daemon/images/image_history.go#L48
https://gist.github.com/1047524396/f08816669701ab478a265a811d2c89b2