Three CVEs affecting all versions of Swarm encrypted overlay networks have been discovered:

• CVE-2023-28841: Encrypted overlay network traffic may be unencrypted
• CVE-2023-28840: Encrypted overlay network may be unauthenticated
• CVE-2023-28842: Encrypted overlay network with a single endpoint is unauthenticated

Additionally, there is an informational security advisory regarding a documentation issue:

• GHSA-vwm3-crmr-xfxw: The Swarm VXLAN port may be exposed to attack due to ambiguous documentation

This security advisory is to draw attention to these advisories, which are tracked on the new canonical repository for libnetwork, moby/moby. As this repository is still in use for the 20.10 branch of Moby, users should consult the advisories, perform mitigations, and update as soon as is practical.