Lucene search
K

1082 matches found

CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.16 views

CVE-2026-39821 affecting package moby-containerd-cc for versions less than 1.7.7-13

CVE-2026-39821 affecting package moby-containerd-cc for versions less than 1.7.7-13. A patched version of the package is available...

9.6CVSS5.8AI score0.00478EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.10 views

CVE-2026-39829 affecting package moby-engine for versions less than 25.0.3-18

CVE-2026-39829 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...

7.5CVSS5.8AI score0.004EPSS
Exploits0
CBLMariner
CBLMariner
added 2026/06/02 2:56 a.m.20 views

CVE-2026-39821 affecting package moby-engine for versions less than 25.0.3-18

CVE-2026-39821 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...

9.6CVSS5.8AI score0.00478EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.9 views

openSUSE 16 Security Update : alloy (openSUSE-SU-2026:20816-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20816-1 advisory. This update for alloy fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key...

7.5CVSS5.9AI score0.01163EPSS
Exploits0References6
OSV
OSV
added 2026/05/27 9:8 a.m.9 views

OPENSUSE-SU-2026:20816-1 Security update for alloy

This update for alloy fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262955. - CVE-2026-41602: github.com/apache/thrift: TFramedTransport frame size headers can lead to a uint32 integer...

7.5CVSS6.8AI score0.01163EPSS
Exploits0References4
OSV
OSV
added 2026/05/27 9:7 a.m.7 views

SUSE-SU-2026:21852-1 Security update for alloy

This update for alloy fixes the following issues - CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of service bsc1262955. - CVE-2026-41602: github.com/apache/thrift: TFramedTransport frame size headers can lead to a uint32 integer...

7.5CVSS5.8AI score0.01163EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in docker.io

Moby is an open-source container framework developed by Docker Inc. It is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which is...

6.8CVSS7AI score0.0144EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in docker.io-app

Moby version 25.0.3 has a race condition vulnerability in the StreamFormatter package. This vulnerability can be exploited to trigger multiple concurrent write operations, leading to data corruption or application crashes...

8.1CVSS7.7AI score0.00641EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in docker.io-app

Moby is an open-source container framework that is a key component of Docker Engine, Docker Desktop, and other container tooling or runtime distributions. Moby’s networking implementation allows for multiple networks to be defined, each with its own IP address range and gateway. This feature is...

7.5CVSS6.7AI score0.0075EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.8 views

Amazon Linux 2023 : docker (ALAS2023-2026-1659)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1659 advisory. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin...

8.4CVSS5.8AI score0.00387EPSS
Exploits0References6
CBLMariner
CBLMariner
added 2026/05/18 8:36 p.m.14 views

CVE-2026-35469 affecting package moby-containerd-cc for versions less than 1.7.7-12

CVE-2026-35469 affecting package moby-containerd-cc for versions less than 1.7.7-12. A patched version of the package is available...

8.7CVSS5.8AI score0.00656EPSS
Exploits0
Snyk
Snyk
added 2026/05/18 5:53 p.m.9 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

7.2CVSS5.9AI score0.00104EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:53 p.m.9 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

7.2CVSS5.9AI score0.00104EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:53 p.m.10 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup before subsequent mount syscall. An attacker can overwrite arbitrary files on the host or cause denial of service by exploiting a race condition where a symlink is create...

7.2CVSS5.9AI score0.00104EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:52 p.m.80 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...

6.1CVSS5.9AI score0.00108EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:52 p.m.10 views

UNIX Symbolic Link (Symlink) Following

Overview Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following during docker cp mount setup due to the switching from GetResourcePath and to createIfNotExists method that has no absolute path checks. An attacker can create empty files or directories at arbitrary...

6.1CVSS5.9AI score0.00108EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:47 p.m.7 views

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element during the archive decompression for PUT /containers/id/archive API requests. An attacker can execute arbitrary code on the host with daemon privileges by uploading a compressed archive containing a...

7.5CVSS6.2AI score0.00153EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:47 p.m.8 views

Uncontrolled Search Path Element

Overview Affected versions of this package are vulnerable to Uncontrolled Search Path Element during the archive decompression for PUT /containers/id/archive API requests. An attacker can execute arbitrary code on the host with daemon privileges by uploading a compressed archive containing a...

7.5CVSS6.2AI score0.00153EPSS
Exploits0References2
Amazon
Amazon
added 2026/05/14 12:0 a.m.10 views

Medium: docker

Issue Overview: Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may...

8.1CVSS5.8AI score0.00387EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.12 views

Amazon Linux 2 : docker, --advisory ALAS2NITRO-ENCLAVES-2026-100 (ALASNITRO-ENCLAVES-2026-100)

The version of docker installed on the remote host is prior to 25.0.14-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2026-100 advisory. Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been...

8.4CVSS5.8AI score0.00387EPSS
Exploits0References6
Rows per page
Query Builder