Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

github.com/moby/moby

Ecosystem:
go
Package URL:
pkg:golang/github.com/moby/moby
Total PRs:
158 Dependabot PRs
Latest PR:
9 days ago
Unique Repositories:
39 repositories
Unique Repos (30 days):
5 repositories
Security Advisories
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
GHSA-2mm7-x5h6-5pvq CVE-2022-24769 MODERATE published over 1 year ago • updated about 13 hours ago
### Impact A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities...
Moby (Docker Engine) Insufficiently restricted permissions on data directory
GHSA-3fwx-pjgw-3558 CVE-2021-41091 MODERATE published almost 2 years ago • updated about 13 hours ago
## Impact A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficien...
Path Traversal in Moby builder
GHSA-6hwg-w5jg-9c6x CVE-2020-27534 MODERATE published almost 2 years ago • updated about 13 hours ago
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, con...
NULL Pointer Dereference on moby image history
GHSA-q59j-vv4j-v33c CVE-2024-36620 MODERATE published 12 months ago • updated about 13 hours ago
moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
moby docker daemon crash during image pull of malicious image
GHSA-6fj5-m822-rqx8 CVE-2021-21285 MODERATE published almost 2 years ago • updated about 13 hours ago
### Impact Pulling an intentionally malformed Docker image manifest crashes the `dockerd` daemon. ### Patches Versions 20.10.3 and 19.03.15 cont...
View all 8 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
chore(deps): Bump github.com/moby/moby from 28.5.1+incompatible to 28.5.2+incompatible in /test/docker-e2e

celestiaorg/celestia-app #6165

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 9 days ago 1 comment
celestiaorg
deps: bump github.com/moby/moby from 28.5.0+incompatible to 28.5.1+incompatible

0xB1a60/runapp #49

28.5.0+incompatible → 28.5.1+incompatible Patch PR
Merged about 1 month ago
0xB1a60
build(deps): bump the gomod group with 8 updates

chainguard-dev/melange #2126

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Merged 3 months ago 1 comment
chainguard-dev
build(deps): bump the gomod group across 1 directory with 8 updates

chainguard-dev/melange #2122

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 3 months ago 1 comment
chainguard-dev
Bump the all group across 1 directory with 7 updates

dependabot/cli #496

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 3 months ago
dependabot
Bump the docker group across 1 directory with 3 updates

dependabot/cli #495

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 3 months ago
dependabot
build(deps): bump the gomod group across 1 directory with 5 updates

chainguard-dev/melange #2120

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 3 months ago 1 comment
chainguard-dev
Bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible

ChrisWiegman/kana #87

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 4 months ago
ChrisWiegman
Bump the docker group with 2 updates

dependabot/cli #488

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Closed 4 months ago 1 comment
dependabot
build(deps): bump the dependencies group with 3 updates

Scalingo/go-plugins-helpers #78

28.3.0+incompatible → 28.3.3+incompatible Patch PR
Merged 4 months ago
Scalingo
chore(deps): bump the dependencies group with 9 updates

Scalingo/sand #306

28.3.0+incompatible → 28.3.3+incompatible Patch PR
Open 4 months ago
Scalingo
build(deps): Bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible

runfinch/finch-daemon #294

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 4 months ago
runfinch
go: bump the docker group across 2 directories with 3 updates

inspektor-gadget/inspektor-gadget #4762

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 4 months ago
inspektor-gadget
build(deps): bump the gomod group across 1 directory with 3 updates

chainguard-dev/melange #2110

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 4 months ago
chainguard-dev
Bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible in /examples/go

jakecoffman/auto-merge #624

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Merged 4 months ago
jakecoffman
deps: bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible

0xB1a60/runapp #33

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Merged 4 months ago
0xB1a60
go: bump github.com/moby/moby from 28.3.0+incompatible to 28.3.2+incompatible in the docker group across 1 directory

inspektor-gadget/ig-desktop #233

28.3.0+incompatible → 28.3.2+incompatible Patch PR
Closed 4 months ago 1 comment
inspektor-gadget
Bump the docker group with 3 updates

dependabot/cli #482

28.3.0+incompatible → 28.3.2+incompatible Patch PR
Merged 4 months ago
dependabot
Bump the docker group with 3 updates

dependabot/cli #480

28.3.0+incompatible → 28.3.2+incompatible Patch PR
Closed 4 months ago 1 comment
dependabot
deps: bump github.com/moby/moby from 28.3.1+incompatible to 28.3.2+incompatible

0xB1a60/runapp #30

28.3.1+incompatible → 28.3.2+incompatible Patch PR
Open 4 months ago 1 comment
0xB1a60
Bump github.com/moby/moby from 28.3.1+incompatible to 28.3.2+incompatible in /examples/go

jakecoffman/auto-merge #610

28.3.1+incompatible → 28.3.2+incompatible Patch PR
Merged 4 months ago
jakecoffman
Bump the all group across 1 directory with 8 updates

dependabot/cli #477

28.3.0+incompatible → 28.3.1+incompatible Patch PR
Closed 5 months ago 1 comment
dependabot
Bump github.com/moby/moby from 28.3.0+incompatible to 28.3.1+incompatible in /examples/go

jakecoffman/auto-merge #608

28.3.0+incompatible → 28.3.1+incompatible Patch PR
Open 5 months ago
jakecoffman
deps: bump github.com/moby/moby from 28.3.0+incompatible to 28.3.1+incompatible

0xB1a60/runapp #29

28.3.0+incompatible → 28.3.1+incompatible Patch PR
Merged 5 months ago
0xB1a60
go: bump the docker group across 2 directories with 3 updates

inspektor-gadget/inspektor-gadget #4681

28.3.0+incompatible → 28.3.1+incompatible Patch PR
Open 5 months ago
inspektor-gadget
deps: bump github.com/moby/moby from 28.2.1+incompatible to 28.2.2+incompatible

0xB1a60/runapp #24

28.2.1+incompatible → 28.2.2+incompatible Patch PR
Merged 6 months ago
0xB1a60
go: bump the docker group across 2 directories with 3 updates

inspektor-gadget/inspektor-gadget #4548

28.2.1+incompatible → 28.2.2+incompatible Patch PR
Open 6 months ago
inspektor-gadget
Bump the docker group with 3 updates

dependabot/cli #454

28.2.1+incompatible → 28.2.2+incompatible Patch PR
Merged 6 months ago
dependabot
Bump github.com/moby/moby from 28.2.1+incompatible to 28.2.2+incompatible in /examples/go

jakecoffman/auto-merge #573

28.2.1+incompatible → 28.2.2+incompatible Patch PR
Open 6 months ago
jakecoffman
Bump github.com/moby/moby from 28.2.0+incompatible to 28.2.1+incompatible in /examples/go

jakecoffman/auto-merge #564

28.2.0+incompatible → 28.2.1+incompatible Patch PR
Merged 6 months ago
jakecoffman
Package Details
Name: github.com/moby/moby
Ecosystem: go
PURL Type: golang
Package URL: pkg:golang/github.com/moby/moby
JSON API: View JSON
Security Advisories

8

Active advisories
HIGH 2
MODERATE 6
View All golang Advisories
Package Information
Description:

Repository: https://github.com/moby/moby
Homepage: https://github.com/moby/moby
Latest Release: v27.3.1+incompatible
about 1 year ago
Dependent Repos: 1,657
Dependent Packages: 461
Ranking: Top 0.1951% by dependent repos Top 0.1978% by dependent pkgs
PR Status
Open 74 (46.8%)
Merged 20 (12.7%)
Closed 58 (36.7%)
PR Types
Major 52 (32.9%)
Patch 30 (19.0%)
Minor 70 (44.3%)