OESA-2026-2138 moby security update

Docker is a product for you to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plug...

Medium: docker

Issue Overview: url.Parse insufficiently validated the host/authority component and accepted some invalid URLs. CVE-2026-25679 On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which t...

GO-2026-4883 Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker

Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker...

PT-2026-29933

Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker...

Off-by-one Error

Overview Affected versions of this package are vulnerable to Off-by-one Error in the plugins privilege validation. An attacker can gain unauthorized access to sensitive plugin privileges by installing a malicious plugin that exploits the privilege comparison logic. - Remediation Upgrade...