Moby Security Vulnerabilities and Issues — Moby CVE List

Lucene search

MobyprojectMoby

7 matches found

CVE•added 2018/07/06 4:29 p.m.•4909 views

CVE-2018-10892

The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.

6.3CVSS5.3AI score0.00189EPSS

CVE•added 2023/04/04 10:15 p.m.•662 views

CVE-2023-28842

Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (dockerd), which is developed as moby/moby is commonly referred to as Docker . Swarm Mode, which ...

6.8CVSS7.6AI score0.00403EPSS

CVE•added 2023/04/04 10:15 p.m.•619 views

CVE-2023-28841

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (dockerd), which is developed as moby/moby is commonly referred to as Docker . Swarm Mode, which i...

6.8CVSS7.4AI score0.02777EPSS

CVE•added 2021/10/04 9:15 p.m.•390 views

CVE-2021-41089

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host’s filesystem, wid...

6.3CVSS5.5AI score0.00033EPSS

CVE•added 2021/10/04 9:15 p.m.•240 views

CVE-2021-41091

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically /var/lib/docker) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivileged Linux users to trav...

6.3CVSS6.9AI score0.04758EPSS

CVE•added 2024/11/29 6:15 p.m.•223 views

CVE-2024-36621

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurrent builds that call the EnsureLayer function resulting in resource leaks/exhaustion.

6.5CVSS6.4AI score0.00118EPSS

CVE•added 2022/09/09 6:15 p.m.•145 views

CVE-2022-36109

Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...

6.3CVSS6AI score0.00047EPSS