CVE-2026-33997 in Mobyinformation

Résumé (Anglaise)

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user. Plugins that request exactly one privilege are also affected, because no comparison is performed at all. This issue has been patched in version 29.3.1.

Responsable

GitHub_M

Réserver

24/03/2026

Divulgation

31/03/2026

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
354315	Moby buffer overflow	193	Non défini	Correctif officiel	CVE-2026-33997

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

◂ PrécédentAperçuSuivant ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!