Bug 2453278 (CVE-2026-34040)
| Summary: | CVE-2026-34040 Moby: Moby: Authorization bypass vulnerability | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | alcohan, amctagga, aoconnor, bniver, fdeutsch, flucifre, gmeno, gparvin, groman, jbalunas, mbenjamin, mhackett, oramraz, pahickey, rhaigner, smullick, sostapov, stirabos, thason, vereddy |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A flaw was found in Moby, an open-source container framework. This security vulnerability allows attackers to bypass authorization plugins (AuthZ), which are mechanisms designed to control access and permissions within the container environment. The bypass of these plugins can lead to unauthorized operations and potential compromise of the system's integrity and confidentiality.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2455306, 2455307, 2455308 | ||
| Bug Blocks: | |||
|
Description
OSIDB Bzimport
2026-03-31 03:01:59 UTC
|