Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-04	CVE-2023-28841	Failing Open vulnerability in Mobyproject Moby Moby is an open source container framework developed by Docker Inc. network high complexity mobyproject CWE-636	6.8
2023-04-04	CVE-2023-28842	Failing Open vulnerability in Mobyproject Moby Moby) is an open source container framework developed by Docker Inc. network high complexity mobyproject CWE-636	6.8
2022-09-09	CVE-2022-36109	Moby is an open-source project created by Docker to enable software containerization. network low complexity mobyproject fedoraproject	6.3
2022-04-18	CVE-2022-27652	Incorrect Default Permissions vulnerability in multiple products A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. local low complexity kubernetes fedoraproject mobyproject redhat CWE-276	4.6
2022-03-24	CVE-2022-24769	Incorrect Permission Assignment for Critical Resource vulnerability in multiple products Moby is an open-source project created by Docker to enable and accelerate software containerization. local low complexity mobyproject fedoraproject linuxfoundation debian CWE-732	5.9
2021-10-04	CVE-2021-41089	Improper Preservation of Permissions vulnerability in multiple products Moby is an open-source project created by Docker to enable software containerization. local low complexity mobyproject fedoraproject CWE-281	6.3
2021-10-04	CVE-2021-41091	Improper Preservation of Permissions vulnerability in multiple products Moby is an open-source project created by Docker to enable software containerization. local low complexity mobyproject fedoraproject CWE-281	6.3
2018-09-10	CVE-2018-12608	Improper Certificate Validation vulnerability in Mobyproject Moby An issue was discovered in Docker Moby before 17.06.0. network low complexity mobyproject CWE-295	5.0
2018-07-06	CVE-2018-10892	Execution with Unnecessary Privileges vulnerability in multiple products The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. network low complexity docker mobyproject redhat opensuse CWE-250	5.3
2017-11-04	CVE-2017-16539	Information Exposure vulnerability in Mobyproject Moby The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP. network mobyproject CWE-200	4.3