1085 matches found
GHSA-X744-4WPC-V9H2 Moby has AuthZ plugin bypass when provided oversized request bodies
Summary A security vulnerability has been detected that allows attackers to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being exploited is low. This is an incomplete fix for CVE-2024-41110. Impact If you don't use AuthZ plugins, you are not affecte...
Off-by-one Error
Overview Affected versions of this package are vulnerable to Off-by-one Error in the plugins privilege validation. An attacker can gain unauthorized access to sensitive plugin privileges by installing a malicious plugin that exploits the privilege comparison logic. - Remediation Upgrade...
GHSA-PXQ6-2PRW-CHJ9 Moby has an Off-by-one error in its plugin privilege validation
Summary A security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user...
Symlink Attack
Overview Affected versions of this package are vulnerable to Symlink Attack when processing Git URL fragment subdir components. An attacker can access files outside the intended Git repository root by specifying a crafted subdir value in the URL fragment. Note: This is only exploitable if builds...
CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8
CVE-2025-11065 affecting package moby-cli for versions less than 24.0.9-8. A patched version of the package is available...
CVE-2025-11065 affecting package moby-buildx for versions less than 0.7.1-28
CVE-2025-11065 affecting package moby-buildx for versions less than 0.7.1-28. A patched version of the package is available...
CVE-2025-11065 affecting package moby-compose for versions less than 2.17.3-14
CVE-2025-11065 affecting package moby-compose for versions less than 2.17.3-14. A patched version of the package is available...
CLEANSTART-2026-ZM20570 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-SP51034 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-TD34476 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-YB44027 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-SB85645 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-OS18490 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-XL45869 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-BN11148 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-JD48541 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker-fips package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...
CLEANSTART-2026-QM19832 Moby is an open source container framework developed by Docker Inc
Multiple security vulnerabilities affect the argo-workflows-fips package. Moby is an open source container framework developed by Docker Inc. See references for individual vulnerability details...
CLEANSTART-2026-BT39952 Moby is an open source container framework developed by Docker Inc
Multiple security vulnerabilities affect the consul-k8s-fips package. Moby is an open source container framework developed by Docker Inc. See references for individual vulnerability details...
CLEANSTART-2026-SQ13072 Moby is an open source container framework developed by Docker Inc
Multiple security vulnerabilities affect the kyverno-fips package. Moby is an open source container framework developed by Docker Inc. See references for individual vulnerability details...
CLEANSTART-2026-BK59402 Moby is an open-source project created by Docker for software containerization
Multiple security vulnerabilities affect the docker package. Moby is an open-source project created by Docker for software containerization. See references for individual vulnerability details...