mobyproject
Security Risk Profile
57
/100
mediumSecurity Risk Score
Comprehensive risk assessment based on 33 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from November 4, 2017 to present
33
Total CVEs
16
Critical+High
0
Exploited
0
Unpatched
Threat Assessment
Avg CVSS
7.2
Base severity
Avg EPSS
0%
Exploit probability
Unpatched
0
Critical/High
Risk Level
57/100
medium
Severity Distribution
Critical
3High
13Medium
17Low
0Exploit Likelihood
>50% chance
020-50%
05-20%
0<5%
8Age Distribution
Common Weaknesses (CWE)
1
Path Traversal
3
2
Race Condition
3
3
Null Pointer Dereference
3
4
Infoleak
2
Most Affected Products
1. Mobyproject Moby30
2. go/github.com/docker/docker15
3. go/github.com/moby/moby10
4. Fedoraproject Fedora10
5. redhat/moby8
Recent Vulnerabilities
See more →CVE-2026-34040
CVSS 8.8high
Moby: AuthZ plugin bypass with oversized request body
3/27/2026
CVE-2026-33997
CVSS 8.1high
Moby: Off-by-one error in plugin privilege validation
3/27/2026
CVE-2026-33748
CVSS 8.2high
BuildKit Git URL subdir component can cause access to restricted files
3/26/2026
CVE-2026-33747
CVSS 9.8EPSS 0%critical
BuildKit vulnerable to malicious frontend causing file escape outside of storage root
3/26/2026
CVE-2025-54410
CVSS 5.2medium
Moby's Firewalld reload removes bridge network isolation
7/29/2025🔧 No Patch
CVE-2025-54388
CVSS 5.1medium
Moby's Firewalld reload makes published container ports accessible from remote hosts
7/29/2025
CVE-2024-36623
CVSS 8.1high
11/29/2024
CVE-2024-36621
CVSS 6.8medium
11/29/2024
CVE-2024-36620
CVSS 8.8high
11/29/2024
CVE-2024-32473
CVSS 6.5EPSS 0%medium
Moby IPv6 enabled on IPv4-only network interfaces
4/18/2024
Monitor mobyproject in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.