CVE-2026-33997
Published 2026-03-31
Priority P347 · high · 8.1 (CVSS 3.1)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
EPSS: 0.39% (30.5th percentile)
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugin privilege validation to be bypassed during `docker plugin install`. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user. Plugins that request exactly one privilege are also affected, because no comparison is performed at all. This issue has been patched in version 29.3.1.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | docker.io | — | — |
| docker | engine | < 29.3.1 | 29.3.1 |
| github.com | moby_moby_v2 | >= 0 < 2.0.0-beta.8 | 2.0.0-beta.8 |
| moby | moby | < 29.3.1 | 29.3.1 |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 8.1 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |
| osv | 8.1 | HIGH | — |
| vendor_debian | 6.8 | MEDIUM | — |
| vendor_redhat | 6.8 | MEDIUM | — |
OSV
Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
osv·2026-04-02
OSV
CVE-2026-33997: Moby is an open source container framework
osv·2026-03-31·CVSS 8.1
OSV
Moby has an Off-by-one error in its plugin privilege validation
osv·2026-03-27
CVE-2026-33997 [MEDIUM] Moby has an Off-by-one error in its plugin privilege validation
## Summary
A security vulnerability has been detected that allows [plugin](https://docs.docker.com/engine/extend/legacy_plugins/) privilege validation to be bypassed during `docker plugin install`. Due to an off-by-one error in the daemon's privilege comparison logic, the daemon may accept a privilege set that differs from the one the user approved at install time.
Plugins that request exactly one privilege are also affected, because for them no comparison is performed at all.
## Impact
**If plugins are not in use, there is no impact.**
When a plugin is installed, the daemon computes the privileges required by the plugin's configuration and compares them with the privileges approved during installation. A malicious plugin can exploit this b
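The comparison defect described above, as an added example written for this page rather than taken from Moby's source: a privilege-set comparison whose loop begins at index 1 instead of 0, which is the bug class (CWE-193, off-by-one) the advisory names. The `Privilege` type, the `equalVulnerable`/`equalFixed` functions and the sample privilege lists are assumptions constructed for illustration; the real daemon's types and the exact shape of its fix are not reproduced here.

```go
// Added example (not Moby's code): models the privilege-comparison defect
// described in CVE-2026-33997. Type and function names are assumptions.
package main

import (
	"fmt"
	"sort"
)

// Privilege models one entry of a plugin's privilege list: a name such as
// "network" or "capabilities" and the values requested for it.
type Privilege struct {
	Name  string
	Value []string
}

// samePrivilege reports whether two entries have the same name and the same
// set of values (order-insensitive).
func samePrivilege(a, b Privilege) bool {
	if a.Name != b.Name || len(a.Value) != len(b.Value) {
		return false
	}
	av := append([]string(nil), a.Value...)
	bv := append([]string(nil), b.Value...)
	sort.Strings(av)
	sort.Strings(bv)
	for i := range av {
		if av[i] != bv[i] {
			return false
		}
	}
	return true
}

// sorted returns a copy of the list ordered by privilege name, so that both
// sides are compared position by position.
func sorted(p []Privilege) []Privilege {
	out := append([]Privilege(nil), p...)
	sort.Slice(out, func(i, j int) bool { return out[i].Name < out[j].Name })
	return out
}

// equalVulnerable reproduces the bug class the advisory describes: the loop
// skips index 0, so the first privilege (after sorting) is never checked and
// a single-privilege plugin is never compared at all.
func equalVulnerable(required, approved []Privilege) bool {
	if len(required) != len(approved) {
		return false
	}
	r, a := sorted(required), sorted(approved)
	for i := 1; i < len(r); i++ { // off-by-one: should start at 0
		if !samePrivilege(r[i], a[i]) {
			return false
		}
	}
	return true
}

// equalFixed compares every index, including the first.
func equalFixed(required, approved []Privilege) bool {
	if len(required) != len(approved) {
		return false
	}
	r, a := sorted(required), sorted(approved)
	for i := 0; i < len(r); i++ {
		if !samePrivilege(r[i], a[i]) {
			return false
		}
	}
	return true
}

// Constructed inputs (assumptions, not real plugin configs): what the user
// approved versus what the plugin's configuration actually requires.
var (
	approvedSingle = []Privilege{{Name: "network", Value: []string{"host"}}}
	requiredSingle = []Privilege{{Name: "capabilities", Value: []string{"CAP_SYS_ADMIN"}}}

	approvedPair = []Privilege{
		{Name: "mount", Value: []string{"/var/lib/docker/plugins/"}},
		{Name: "network", Value: []string{"host"}},
	}
	requiredPair = []Privilege{
		{Name: "capabilities", Value: []string{"CAP_SYS_ADMIN"}}, // sorts to index 0, never compared
		{Name: "network", Value: []string{"host"}},
	}
)

func main() {
	fmt.Println("single privilege, vulnerable:", equalVulnerable(requiredSingle, approvedSingle))
	fmt.Println("single privilege, fixed:     ", equalFixed(requiredSingle, approvedSingle))
	fmt.Println("two privileges, vulnerable:  ", equalVulnerable(requiredPair, approvedPair))
	fmt.Println("two privileges, fixed:       ", equalFixed(requiredPair, approvedPair))
}
```

Run it with `go run`: the vulnerable comparison accepts both constructed mismatches (the single-privilege case because the loop body never executes, the two-privilege case because the differing entry sorts to index 0), while the fixed comparison rejects them. A length check alone is not enough: the two-entry lists above have equal length and still differ.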
GHSA
Moby has an Off-by-one error in its plugin privilege validation
ghsa·2026-03-27
CVE-2026-33997 [MEDIUM] CWE-193 Moby has an Off-by-one error in its plugin privilege validation
Red Hat
moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation
vendor_redhat·2026-03-31·CVSS 6.8
CVE-2026-33997 [MEDIUM] CWE-266 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation
A flaw was found in Moby, an open-source container framework. This vulnerability allows for a privilege validation bypass during `docker plugin install`. Due to an error in the daemon's privile
Debian
CVE-2026-33997: docker.io - Moby is an open source container framework. Prior to version 29.3.1, a security ...
vendor_debian·2026·CVSS 6.8
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
No detection rules found.
No public exploits indexed.
Wiz
CVE-2025-61730 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 5.3
## CVE-2025-61730: cAdvisor vulnerability analysis and mitigation
During the TLS 1.3 handshake if multiple messages are sent in records that span encryption level boundaries (for instance the Client Hello and Encrypted Extensions messages), the subsequent messages may be processed before the encryption level changes. This can cause some minor information disclosure if a network-local attacker can inject messages during the handshake.
Source : NVD
Score: 5.3
Published January 28, 2026
Severity MEDIUM
CNA Score 5.3
Affected Technologies
cAdvisor
Docker
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.8
Exploitation Probability (EPSS) N/A
Affected packages and libraries
cilium-fip
Wiz
CVE-2026-27139 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 2.5
## CVE-2026-27139: cAdvisor vulnerability analysis and mitigation
On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.
Source : NVD
Score: 2.5
Published March 6, 2026
Severity LOW
CNA Score 2.5
Affected Technologies
cAdvisor
Packer
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.3
Exploitation Probability (EPSS) N/A
Affected packages and libraries
eks-distro-1.33
c
Wiz
CVE-2025-68121 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 10.0
## CVE-2025-68121: cAdvisor vulnerability analysis and mitigation
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a server that it would not have resumed with during the initial handshake, or cause a server to resume a session with a client that it would not have resumed with during the initial handshake.
Wiz Threat Research note: This vulnerability's CVSS vector has been overridden to Privileges Required HIGH by the Wiz Research team, as exploita
Wiz
CVE-2025-61732 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 8.6
## CVE-2025-61732: cAdvisor vulnerability analysis and mitigation
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.
Source : NVD
Score: 8.6
Published February 5, 2026
Severity HIGH
CNA Score 8.6
Affected Technologies
cAdvisor
Terraform Community
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 0.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
mongodb-kubernetes-operator-fips
nats-top
Sources
AlmaLinux 8 Severity HIGH Has Fix Added at: Feb 16, 2026
AlmaLinux 9 Severity HIGH Has Fix Added at: Feb 18, 2026
Alpine 3.10, 3.11, 3.12, 3.13, 3.14, 3.15, 3.16, 3.17, 3.18, 3.19, 3.20, 3.21, 3.22
Wiz
CVE-2026-27142 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2026-27142: cAdvisor vulnerability analysis and mitigation
Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow "url=" by setting htmlmetacontenturlescape=0.
Source : NVD
Score: 6.1
Published March 6, 2026
Severity MEDIUM
CNA Score 6.1
Affected Technologies
cAdvisor
Packer
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 1.6
Exploitation Probability (EPSS) N/A
Affected packages and librari
Wiz
CVE-2026-33748 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 10.0
## CVE-2026-33748: Docker vulnerability analysis and mitigation
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is limited to files on the same mounted filesystem. The issue has been fixed in version v0.28.1 The issue affects only builds that use Git URLs with a subpath component. As a workaround, avoid building Dockerfiles from untrusted sources or using the subdir component from an untrusted Git repository where the subdir component could point to a symlink.
Source : NVD
Score: 8.2
Published March 27, 2026
Severity HIGH
CNA Score 8.2
Wiz
CVE-2025-61726 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
## CVE-2025-61726: cAdvisor vulnerability analysis and mitigation
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.
Source : NVD
Score: 7.5
Published January 28, 2026
Severity HIGH
CNA Score 7.5
Affected Technologies
cAdvisor
Docker
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 9.8
Exploitation Probability (EPSS) N/A
Affected packages and libraries
gcp-compute-per
Wiz
CVE-2025-67499 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.6
## CVE-2025-67499: Docker vulnerability analysis and mitigation
The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadvertently forward all traffic with the same destination port as the host port when the portmap plugin is configured with the nftables backend, thus ignoring the destination IP. This includes traffic not intended for the node itself, i.e. traffic to containers hosted on the node. Containers that request HostPort forwarding can intercept all traffic destined for that port. This requires that the portmap plugin be explicitly configured to use the nftables backend. This issue is fixed in version 1.9.0. To workaround, configure the portmap plugin to use the iptables backend. It does
Wiz
CVE-2025-68119 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.0
## CVE-2025-68119: cAdvisor vulnerability analysis and mitigation
Downloading and building modules with malicious version strings can cause local code execution. On systems with Mercurial (hg) installed, downloading modules from non-standard sources (e.g., custom domains) can cause unexpected code execution due to how external VCS commands are constructed. This issue can also be triggered by providing a malicious version string to the toolchain. On systems with Git installed, downloading and building modules with malicious version strings can allow an attacker to write to arbitrary files on the filesystem. This can only be triggered by explicitly providing the malicious version strings to the toolchain and does not affect usage of @latest or bare module paths.
Source : NVD
Score: 7
Wiz
CVE-2026-25679 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.5
## CVE-2026-25679: cAdvisor vulnerability analysis and mitigation
url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.
Source : NVD
Score: 7.5
Published March 6, 2026
Severity HIGH
CNA Score 7.5
Affected Technologies
cAdvisor
Packer
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 9.7
Exploitation Probability (EPSS) N/A
Affected packages and libraries
logstash-9.1
vault
Sources
NVD
AlmaLinux 9 Severity HIGH Has Fix Added at: Mar 29, 2026
Alpine 3.23 Severity HIGH Has Fix Added at: Mar 09, 2026
Alpine edge Severity HIGH Has Fix Added at: Mar 08, 2026
CBL-Mariner 3.0 Severity HIGH Has Fix Added at: Mar 29, 2026
Chainguard Has Fix A
Wiz
CVE-2026-33186 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 2.5
## CVE-2026-33186: cAdvisor vulnerability analysis and mitigation
(Description not extracted; only the inline code fragments survived: `:path`, `Service/Method`, `/Service/Method`, `grpc/authz`, `google.golang.org/grpc/authz`, `info.FullMethod`, `grpc.Method(ctx)`, `codes.Unimplemented`.)
Source : NVD
Score: 9.1
Published March 20, 2026
Severity CRITICAL
CNA Score 9.1
Affected Technologies
cAdvisor
Terraform Community
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.6
Exploitation Probability (EPSS) N/A
Affected packages and libraries
milvus-2.6
vault-csi-provider-fips
Sources
NVD
Chainguard Has Fix Added at: Mar 20, 2026
Debian 11, 12, 13, 14 Severity CRITICAL No Fix Added at: Mar 29, 2026
Echo Severity CRITICAL No Fix Added at: Mar
Wiz
CVE-2026-34040 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 2.5
## CVE-2026-34040: cAdvisor vulnerability analysis and mitigation
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
Source : NVD
Score: 7.8
Published March 31, 2026
Severity HIGH
CNA Score 8.8
Affected Technologies
cAdvisor
Docker
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 2.4
Exploitation Probability (EPSS) N/A
Affected packages and libraries
github.com/moby/moby
wolfictl
Sources
Alpine edge Severity HIGH Has Fix Added at: Mar 31, 2026
Chainguard Has Fix Added at: Mar 29, 2026
Debian 11, 12, 13, 14
Wiz
CVE-2025-61728 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.5
## CVE-2025-61728: cAdvisor vulnerability analysis and mitigation
archive/zip uses a super-linear file name indexing algorithm that is invoked the first time a file in an archive is opened. This can lead to a denial of service when consuming a maliciously constructed ZIP archive.
Source : NVD
Score: 6.5
Published January 28, 2026
Severity MEDIUM
CNA Score 6.5
Affected Technologies
cAdvisor
Docker
Has Public Exploit Yes
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 5.1
Exploitation Probability (EPSS) N/A
Affected packages and libraries
timoni
kube-rbac-proxy
Sources
AlmaLinux 8 Severity HIGH Has Fix Added at: Feb 16, 2026
AlmaLinux 9 Severity HIGH Has Fix Added at: Feb 18, 2026
Alpine 3.10, 3.1
Wiz
CVE-2026-33997 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 6.1
## CVE-2026-33997: cAdvisor vulnerability analysis and mitigation
Source : NVD
Score: 8.1
Published March 31, 2026
Severity HIGH
CNA Score 6.8
Affected Technologies
cAdvisor
Docker
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N
Wiz
CVE-2026-33747 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 10.0
## CVE-2026-33747: Docker vulnerability analysis and mitigation
(Description not extracted; only the inline code fragments survived: `#syntax`, `--build-arg BUILDKIT_SYNTAX`, `docker/dockerfile`.)
Source : NVD
Score: 9.8
Published March 27, 2026
Severity CRITICAL
CNA Score 8.4
Affected Technologies
Docker
Datadog Agent
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 17.3
Exploitation Probability (EPSS) 0.1
Affected packages and libraries
podman-remote
zot
Sources
NVD
Alpine edge Severity CRITICAL Has Fix Added at: Mar 31, 2026
Chainguard Has Fix Added at: Mar 29, 2026
GoLang Severity HIGH Has Fix Added at: Mar 29, 2026
Homebrew Severity CRITICAL Has Fix Added at: Apr 05, 2026
MinimOS Severity CRITICAL Has Fix Added at: Mar 29, 2026
Nix Severity
Wiz
CVE-2025-61731 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz·CVSS 7.8
## CVE-2025-61731: cAdvisor vulnerability analysis and mitigation
Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "#cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a "--log-file" argument to this directive, causing pkg-config to write to an attacker-controlled location.
Source : NVD
Score: 7.8
Published January 28, 2026
Severity HIGH
CNA Score 7.8
Affected Technologies
cAdvisor
Terraform Community
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Percentile (EPSS) 1.1
Exploitation Probability (EPSS) N/A
Affected
Bugzilla
CVE-2026-33997 inspektor-gadget: Moby: Privilege validation bypass during plugin installation [fedora-43]
bugzilla·2026-03-31·CVSS 6.8
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Discussion:
*** This bug has been marked as a duplicate of bug 2455307 ***
Bugzilla
CVE-2026-33997 inspektor-gadget: Moby: Privilege validation bypass during plugin installation [fedora-42]
bugzilla·2026-03-31·CVSS 6.8
Discussion:
We do not use this plugin.
*** This bug has been marked as a duplicate of bug 2455307 ***
Bugzilla
CVE-2026-33997 golang-github-docker: Moby: Privilege validation bypass during plugin installation [fedora-42]
bugzilla·2026-03-31·CVSS 8.1
Discussion:
This message is a reminder that Fedora Linux 42 is nearing its end of life.
Fedora will stop maintaining and issuing updates for Fedora Linux 42 on 2026-05-13.
It is Fedora's policy to close all bug reports from releases that are no longer
maintained. At that time this bug will be closed as EOL if it remains open with a
'version' of '42'.
Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintai
Bugzilla
CVE-2026-33997 moby: docker: github.com/moby/moby: Moby: Privilege validation bypass during plugin installation
bugzilla·2026-03-31·CVSS 6.8
References:
- https://github.com/moby/moby/releases/tag/docker-v29.3.1
- https://github.com/moby/moby/security/advisories/GHSA-pxq6-2prw-chj9
- https://access.redhat.com/errata/RHSA-2026:21769
- https://access.redhat.com/errata/RHSA-2026:22347
- https://access.redhat.com/errata/RHSA-2026:23345
- https://access.redhat.com/security/cve/CVE-2026-33997
- https://bugzilla.redhat.com/show_bug.cgi?id=2453277
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33997.json
Published 2026-03-31