CNNVD-202507-3668 Information
CNNVD ID
CNNVD-202507-3668
Related CVE
- CNNVD Published: 2025-07-30
Description (Chinese)
Moby是Moby开源的一个开源项目。旨在推动软件的容器化,并帮助生态系统使容器技术主流化。 Moby 28.2.0至28.3.2版本存在安全漏洞,该漏洞源于firewalld服务重新加载时未重新创建iptables规则,可能导致容器端口暴露。
Description (English)
Moby is an open source project for Moby open source. The aim is to promote the packaging of software and help ecosystems to mainstream packaging technology. Moby 28.2.0 to 28.3.2 contains a security loophole that stems from the failure to recreate the iptables rule at the time of reloading of the Fairewalld service and may lead to port exposure of the container.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Moby
Published
2025-07-30
Last Modified
2026-02-24
References
https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4 https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0 https://github.com/moby/moby/pull/50506 https://access.redhat.com/security/cve/cve-2025-54388 https://vigilance.fr/vulnerability/Docker-Moby-ingress-filtrering-bypass-via-firewalld-47808
Patch
https://github.com/moby/moby/releases
Share on: