`github.com/moby/moby`

Ecosystem:
go

Package URL:
pkg:golang/github.com/moby/moby

Total PRs:
166 Dependabot PRs

Latest PR:
about 1 month ago

Unique Repositories:
39 repositories

Unique Repos (30 days):
1 repository

Security Advisories

moby docker daemon crash during image pull of malicious image

GHSA-6fj5-m822-rqx8 CVE-2021-21285 MODERATE published about 2 years ago • updated 4 days ago

### Impact Pulling an intentionally malformed Docker image manifest crashes the `dockerd` daemon. ### Patches Versions 20.10.3 and 19.03.15 cont...

Moby (Docker Engine) started with non-empty inheritable Linux process capabilities

GHSA-2mm7-x5h6-5pvq CVE-2022-24769 MODERATE published almost 2 years ago • updated 1 day ago

### Impact A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities...

Moby (Docker Engine) Insufficiently restricted permissions on data directory

GHSA-3fwx-pjgw-3558 CVE-2021-41091 MODERATE published about 2 years ago • updated 6 days ago

## Impact A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficien...

Docker Moby /proc/scsi Path Exposure Allows Host Data Loss (SCSI MICDROP)

GHSA-vfjc-2qcw-j95j CVE-2017-16539 MODERATE published almost 4 years ago • updated 6 days ago

The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to t...

Moby Race Condition vulnerability

GHSA-2mj3-vfvx-fc43 CVE-2024-36621 HIGH published about 1 year ago • updated 3 days ago

moby v25.0.5 is affected by a Race Condition in builder/builder-next/adapters/snapshot/layer.go. The vulnerability could be used to trigger concurr...

View all 9 advisories

Recent PRs (filtered by: Patch PRs )

RSS Feed Clear filter

Bump the docker group across 1 directory with 5 updates

dependabot/cli #555

28.5.1+incompatible → 28.5.2+incompatible Patch PR

Open about 1 month ago 2 comments

Bump the docker group across 1 directory with 4 updates

dependabot/cli #553

28.5.1+incompatible → 28.5.2+incompatible Patch PR

Closed about 2 months ago 1 comment

chore(deps): Bump github.com/moby/moby from 28.5.1+incompatible to 28.5.2+incompatible in /test/docker-e2e

celestiaorg/celestia-app #6165

28.5.1+incompatible → 28.5.2+incompatible Patch PR

Open 3 months ago 1 comment

deps: bump github.com/moby/moby from 28.5.0+incompatible to 28.5.1+incompatible

0xB1a60/runapp #49

28.5.0+incompatible → 28.5.1+incompatible Patch PR

Merged 4 months ago

build(deps): bump the gomod group with 8 updates

chainguard-dev/melange #2126

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Merged 6 months ago 1 comment

build(deps): bump the gomod group across 1 directory with 8 updates

chainguard-dev/melange #2122

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 6 months ago 1 comment

Bump the all group across 1 directory with 7 updates

dependabot/cli #496

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 6 months ago

Bump the docker group across 1 directory with 3 updates

dependabot/cli #495

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 6 months ago

build(deps): bump the gomod group across 1 directory with 5 updates

chainguard-dev/melange #2120

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 6 months ago 1 comment

Bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible

ChrisWiegman/kana #87

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 7 months ago

Bump the docker group with 2 updates

dependabot/cli #488

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Closed 7 months ago 1 comment

build(deps): bump the dependencies group with 3 updates

Scalingo/go-plugins-helpers #78

28.3.0+incompatible → 28.3.3+incompatible Patch PR

Merged 7 months ago

chore(deps): bump the dependencies group with 9 updates

Scalingo/sand #306

28.3.0+incompatible → 28.3.3+incompatible Patch PR

Open 7 months ago

build(deps): Bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible

runfinch/finch-daemon #294

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 7 months ago

go: bump the docker group across 2 directories with 3 updates

inspektor-gadget/inspektor-gadget #4762

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 7 months ago

build(deps): bump the gomod group across 1 directory with 3 updates

chainguard-dev/melange #2110

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Open 7 months ago

Bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible in /examples/go

jakecoffman/auto-merge #624

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Merged 7 months ago

deps: bump github.com/moby/moby from 28.3.2+incompatible to 28.3.3+incompatible

0xB1a60/runapp #33

28.3.2+incompatible → 28.3.3+incompatible Patch PR

Merged 7 months ago

go: bump github.com/moby/moby from 28.3.0+incompatible to 28.3.2+incompatible in the docker group across 1 directory

inspektor-gadget/ig-desktop #233

28.3.0+incompatible → 28.3.2+incompatible Patch PR

Closed 7 months ago 1 comment

Bump the docker group with 3 updates

dependabot/cli #482

28.3.0+incompatible → 28.3.2+incompatible Patch PR

Merged 7 months ago

Bump the docker group with 3 updates

dependabot/cli #480

28.3.0+incompatible → 28.3.2+incompatible Patch PR

Closed 7 months ago 1 comment

deps: bump github.com/moby/moby from 28.3.1+incompatible to 28.3.2+incompatible

0xB1a60/runapp #30

28.3.1+incompatible → 28.3.2+incompatible Patch PR

Open 7 months ago 1 comment

Bump github.com/moby/moby from 28.3.1+incompatible to 28.3.2+incompatible in /examples/go

jakecoffman/auto-merge #610

28.3.1+incompatible → 28.3.2+incompatible Patch PR

Merged 7 months ago

Bump the all group across 1 directory with 8 updates

dependabot/cli #477

28.3.0+incompatible → 28.3.1+incompatible Patch PR

Closed 8 months ago 1 comment

Bump github.com/moby/moby from 28.3.0+incompatible to 28.3.1+incompatible in /examples/go

jakecoffman/auto-merge #608

28.3.0+incompatible → 28.3.1+incompatible Patch PR

Open 8 months ago

deps: bump github.com/moby/moby from 28.3.0+incompatible to 28.3.1+incompatible

0xB1a60/runapp #29

28.3.0+incompatible → 28.3.1+incompatible Patch PR

Merged 8 months ago

go: bump the docker group across 2 directories with 3 updates

inspektor-gadget/inspektor-gadget #4681

28.3.0+incompatible → 28.3.1+incompatible Patch PR

Open 8 months ago

deps: bump github.com/moby/moby from 28.2.1+incompatible to 28.2.2+incompatible

0xB1a60/runapp #24

28.2.1+incompatible → 28.2.2+incompatible Patch PR

Merged 9 months ago

go: bump the docker group across 2 directories with 3 updates

inspektor-gadget/inspektor-gadget #4548

28.2.1+incompatible → 28.2.2+incompatible Patch PR

Open 9 months ago

Bump the docker group with 3 updates

dependabot/cli #454

28.2.1+incompatible → 28.2.2+incompatible Patch PR

Merged 9 months ago

Bump github.com/moby/moby from 28.2.1+incompatible to 28.2.2+incompatible in /examples/go

jakecoffman/auto-merge #573

28.2.1+incompatible → 28.2.2+incompatible Patch PR

Open 9 months ago

Bump github.com/moby/moby from 28.2.0+incompatible to 28.2.1+incompatible in /examples/go

jakecoffman/auto-merge #564

28.2.0+incompatible → 28.2.1+incompatible Patch PR

Merged 9 months ago

Package Details

Name:	`github.com/moby/moby`
Ecosystem:	go
PURL Type:	golang
Package URL:	`pkg:golang/github.com/moby/moby`
JSON API:	View JSON

Security Advisories

9

Active advisories

HIGH 2

MODERATE 7

View All golang Advisories

Package Information

Description:

Repository:	https://github.com/moby/moby
Homepage:	https://github.com/moby/moby
Latest Release:	`v27.3.1+incompatible` over 1 year ago
Dependent Repos:	1,657
Dependent Packages:	461
Ranking:	Top 0.1951% by dependent repos Top 0.1978% by dependent pkgs

PR Status

Open 75 (45.2%)

Merged 20 (12.0%)

Closed 65 (39.2%)

PR Types

Major 54 (32.5%)

Patch 32 (19.3%)

Minor 74 (44.6%)