Vulnerabilities > Mobyproject > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-04 | CVE-2021-41089 | Improper Preservation of Permissions vulnerability in multiple products Moby is an open-source project created by Docker to enable software containerization. | 6.3 |
| 2021-10-04 | CVE-2021-41091 | Improper Preservation of Permissions vulnerability in multiple products Moby is an open-source project created by Docker to enable software containerization. | 6.3 |
| 2018-09-10 | CVE-2018-12608 | Improper Certificate Validation vulnerability in Mobyproject Moby An issue was discovered in Docker Moby before 17.06.0. | 5.0 |
| 2018-07-06 | CVE-2018-10892 | Execution with Unnecessary Privileges vulnerability in multiple products The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. | 5.3 |
| 2017-11-04 | CVE-2017-16539 | Information Exposure vulnerability in Mobyproject Moby The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-device" line to /proc/scsi/scsi, aka SCSI MICDROP. | 4.3 |