Moby is vulnerable to Cache Poisoning. The vulnerability is due to improper cache configuration when the image is built FROM scratch. This issue can be exploited by an attacker to poison the cache and force a user to pull a specially crafted image. Note that 23.0+ users are only affected if they explicitly opted out of Buildkit (DOCKER_BUILDKIT=0 environment variable) or are using the /build API…Read More