Every CVE whose affected-product data names Mobyproject Moby, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (21)
CVE-2024-36623 — CVSS 8.1 (high): moby through v25.0.3 has a Race Condition vulnerability in the streamformatter package which can be used to trigger multiple concurrent…
CVE-2023-28840 — CVSS 7.5 (high): Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various…
CVE-2018-12608 — CVSS 7.5 (high): An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured…
CVE-2026-42306 — CVSS 7.2 (high): Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby…
CVE-2024-24557 — CVSS 6.9 (medium): Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache…
CVE-2023-28842 — CVSS 6.8 (medium): Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various…
CVE-2023-28841 — CVSS 6.8 (medium): Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various…
CVE-2024-36621 — CVSS 6.5 (medium): moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger…
CVE-2024-36620 — CVSS 6.5 (medium): moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
CVE-2021-41091 — CVSS 6.3 (medium): Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the…
CVE-2026-41568 — CVSS 6.1 (medium): Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby…
CVE-2017-16539 — CVSS 5.9 (medium): The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows…
CVE-2022-24769 — CVSS 5.9 (medium): Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker…
CVE-2024-29018 — CVSS 5.9 (medium): Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container…
CVE-2022-27652 — CVSS 5.3 (medium): A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby…
CVE-2018-10892 — CVSS 5.3 (medium): The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw…
CVE-2022-36109 — CVSS 5.3 (medium): Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where…
CVE-2024-32473 — CVSS 4.7 (medium): Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container…
CVE-2025-54388 — CVSS 4.6 (medium): Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and…
CVE-2025-54410 — CVSS 3.3 (low): Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and…
CVE-2021-41089 — CVSS 2.8 (low): Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where…