Description
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
Published: 2026-03-31
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: Authorization Bypass
Action: Patch Immediately
AI Analysis

Impact

A flaw in the Moby container framework allows an attacker to bypass authorization plugins by submitting an oversized request body. This privilege escalation can grant the attacker the ability to perform actions that normally require explicit authorization, potentially compromising the confidentiality, integrity and availability of the container environment. The weakness is classified under CWE‑288 and CWE‑807 and carries a CVSS score of 8.8.

Affected Systems

All versions of Moby released before 29.3.1 are affected. The vulnerability was fixed in release 29.3.1 and later versions are not vulnerable.

Risk and Exploitability

The CVSS base score indicates significant risk, while the EPSS value of less than 1% suggests that public exploitation is currently uncommon. The vulnerability is not listed in CISA’s KEV catalog. The likely attack path requires direct network access to the Moby service and involves crafting a request that exceeds the expected body size to trigger the authorization bypass.

Generated by OpenCVE AI on April 6, 2026 at 15:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Moby to version 29.3.1 or newer.
  • Verify that the upgrade has been applied correctly by checking the Moby version and conducting a basic authorization test.
  • If an immediate upgrade is not possible, restrict inbound traffic to the Moby service to trusted IP addresses using a firewall or proxy to reduce exposure to the exploit.



Advisories
Source ID Title
Github GHSA GHSA-x744-4wpc-v9h2 Moby has AuthZ plugin bypass when provided oversized request bodies
History

Mon, 06 Apr 2026 13:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-807
References
Metrics threat_severity

None

threat_severity

Moderate


Fri, 03 Apr 2026 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Mobyproject
Mobyproject moby
CPEs cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*
Vendors & Products Mobyproject
Mobyproject moby

Wed, 01 Apr 2026 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Moby
Moby moby
Vendors & Products Moby
Moby moby

Tue, 31 Mar 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 31 Mar 2026 03:00:00 +0000

Type Values Removed Values Added
Description Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
Title Moby: AuthZ plugin bypass with oversized request body
Weaknesses CWE-288
References
Metrics cvssV3_1

{'score': 8.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-02T03:55:56.676Z

Reserved: 2026-03-25T15:29:04.744Z

Link: CVE-2026-34040

Vulnrichment

Updated: 2026-03-31T15:34:59.017Z

NVD

Status: Analyzed

Published: 2026-03-31T03:15:57.883

Modified: 2026-04-03T16:51:28.670

Link: CVE-2026-34040

Redhat

Severity: Moderate

Public Date: 2026-03-31T01:36:48Z

Links: CVE-2026-34040 - Bugzilla

OpenCVE Enrichment

Updated: 2026-04-07T08:08:14Z

Weaknesses