VYPR

Moby

by Mobyproject

Source repositories

CVEs (24)

  • CVE-2026-34040HigMar 31, 2026
    risk 0.51cvss 8.8epss 0.08

    Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

  • CVE-2026-42306HigJun 12, 2026
    risk 0.47cvss 7.2epss 0.00

    Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount…

  • CVE-2026-41567HigJun 5, 2026
    risk 0.47cvss 7.2epss 0.00

    Moby is an open source container framework. In versions prior to 29.5.1 and in moby/moby v2 prior to v2.0.0-beta.14, when a compressed archive is uploaded to a container via `PUT /containers/{id}/archive` or piped through `docker cp -`, the daemon resolves decompression binaries…

  • CVE-2026-41568MedJun 12, 2026
    risk 0.40cvss 6.1epss 0.00

    Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to create empty files or…

  • CVE-2017-16539MedNov 4, 2017
    risk 0.31cvss 5.9epss 0.02

    The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi…

  • CVE-2025-54410Jul 30, 2025
    risk 0.00cvss epss 0.00

    Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker…

  • CVE-2025-54388Jul 30, 2025
    risk 0.00cvss epss 0.00

    Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables…

  • CVE-2024-36620Nov 29, 2024
    risk 0.00cvss epss 0.01

    moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.

  • CVE-2024-36623Nov 29, 2024
    risk 0.00cvss epss 0.01

    moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent write operations resulting in data corruption or application crashes.

  • CVE-2024-36621Nov 29, 2024
    risk 0.00cvss epss 0.01

    moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.

  • CVE-2024-32473Apr 18, 2024
    risk 0.00cvss epss 0.00

    Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks where `--ipv6=false`. An…

  • CVE-2024-29018Mar 20, 2024
    risk 0.00cvss epss 0.01

    Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be…

  • CVE-2024-24557Feb 1, 2024
    risk 0.00cvss epss 0.00

    Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to some instructions (most important being HEALTHCHECK and ONBUILD) would not…

  • CVE-2023-28840Apr 4, 2023
    risk 0.00cvss epss 0.03

    Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby, is commonly referred to as…

  • CVE-2023-28841Apr 4, 2023
    risk 0.00cvss epss 0.01

    Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as…

  • CVE-2023-28842Apr 4, 2023
    risk 0.00cvss epss 0.01

    Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as moby/moby is commonly referred to as…

  • CVE-2021-32846Feb 17, 2023
    risk 0.00cvss epss 0.00

    HyperKit is a toolkit for embedding hypervisor capabilities in an application. In versions 0.20210107, function `pci_vtsock_proc_tx` in `virtio-sock` can lead to to uninitialized memory use. In this situation, there is a check for the return value to be less or equal to…

  • CVE-2022-36109Sep 9, 2022
    risk 0.00cvss epss 0.01

    Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access,…

  • CVE-2022-27652Apr 18, 2022
    risk 0.00cvss epss 0.00

    A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker…

  • CVE-2022-24769Mar 24, 2022
    risk 0.00cvss epss 0.00

    Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an…

Page 1 of 2