Mobyproject

Moby

21 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2026-33997

  • EPSS 0.02%
  • Veröffentlicht 31.03.2026 01:36:51
  • Zuletzt bearbeitet 03.04.2026 17:23:21

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison...

7.8

CVE-2026-34040

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 31.03.2026 01:36:48
  • Zuletzt bearbeitet 03.04.2026 16:51:28

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

5.2

CVE-2025-54410

  • EPSS 0.01%
  • Veröffentlicht 30.07.2025 13:24:50
  • Zuletzt bearbeitet 22.08.2025 17:27:29

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When ...

4.6

CVE-2025-54388

  • EPSS 0.01%
  • Veröffentlicht 30.07.2025 13:24:06
  • Zuletzt bearbeitet 08.09.2025 16:34:31

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is rel...

8.1

CVE-2024-36623

  • EPSS 0.05%
  • Veröffentlicht 29.11.2024 18:15:08
  • Zuletzt bearbeitet 02.07.2025 20:36:45

moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.

6.5

CVE-2024-36621

  • EPSS 0.05%
  • Veröffentlicht 29.11.2024 18:15:07
  • Zuletzt bearbeitet 02.07.2025 20:43:30

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.

6.5

CVE-2024-36620

  • EPSS 0.1%
  • Veröffentlicht 29.11.2024 18:15:07
  • Zuletzt bearbeitet 05.09.2025 13:58:04

moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.

6.5

CVE-2024-32473

  • EPSS 0.11%
  • Veröffentlicht 18.04.2024 22:15:10
  • Zuletzt bearbeitet 04.09.2025 15:09:50

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to network...

7.5

CVE-2024-29018

  • EPSS 0.36%
  • Veröffentlicht 20.03.2024 21:15:31
  • Zuletzt bearbeitet 09.04.2025 15:40:20

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address r...

7.8

CVE-2024-24557

  • EPSS 0.08%
  • Veröffentlicht 01.02.2024 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:59:24

Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHEC...