Security Bulletin: Firewalld Reload Breaks Docker Bridge Network Isolation in Moby (Pre-28.0.0), affects watsonx.data

Summary Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to...

Security Bulletin: Firewalld Reload Bypasses Localhost Port Restrictions in Moby (Docker Engine) Prior to 28.3.3, affects watsonx.data

Summary Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules...

EUVD-2025-23167

Malicious code in bioql PyPI...

TencentOS Server 4: moby (TSSA-2025:0667)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0667 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Security update for docker

This update for docker fixes the following issues: Update to Docker 28.3.3-ce. CVE-2025-54388: Fixed a bug where firewalld when reloaded can make published container ports accessible from remote hosts. bsc1247367 Patch Instructions: To install this SUSE update use the SUSE recommended installatio...

Linux Distros Unpatched Vulnerability : CVE-2025-54388

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstre...

Network Isolation Bypass

github.com/moby/moby is vulnerable to network isolation bypass. The vulnerability is due to Docker failing to re-create iptables rules isolating bridge networks after firewalld reload, which allows an attacker to access all ports of containers across different bridge networks on the same host,...

GO-2025-3830 Moby firewalld reload makes published container ports accessible from remote hosts in github.com/docker/docker

Moby firewalld reload makes published container ports accessible from remote hosts in github.com/docker/docker...

Improper Access Control

github.com/moby/moby is vulnerable to improper access control. The vulnerability is due to failure to recreate firewall rules blocking external access to containers after a firewalld reload, which allows an attacker to remotely access containers with ports published to localhost...

Docker Engine < 25.0.13 / 26.0 < 28.0.0 Network Isolation Failure

The version of the Docker Engine Moby installed on the remote host is prior to 23.0.15 or 28.0.0. When firewalld reloads, Docker fails to re-create iptables rules that isolate bridge networks, allowing any container to access all ports on any other container across different bridge networks on th...

SUSE CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

UBUNTU-CVE-2025-54410

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create...

CVE-2025-54388 Moby's Firewalld reload makes published container ports accessible from remote hosts

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

Moby 安全漏洞

Moby is an open source project of Moby Open Source. It aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby versions 28.2.0 through 28.3.2, which stems from the failure to recreate iptables rules when the...

Moby 安全漏洞

Moby is an open source project of Moby Open Source. It aims to drive containerization of software and help the ecosystem mainstream container technology. A security vulnerability exists in Moby versions prior to 28.0.0 that stems from the failure to recreate iptables rules when firewalld is...

GHSA-4VQ8-7JFC-9CVP Moby firewalld reload removes bridge network isolation

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby is commonly referred to as Docker, or Docker...

PT-2025-31369 · Docker +3 · Moby +5

Name of the Vulnerable Software and Affected Versions: Moby versions prior to 28.0.0 Moby version 25.0.13 Description: Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream...