2453278 – (CVE-2026-34040) CVE-2026-34040 Moby: Moby: Authorization bypass vulnerability

Bug 2453278 (CVE-2026-34040) - CVE-2026-34040 Moby: Moby: Authorization bypass vulnerability

Summary: CVE-2026-34040 Moby: Moby: Authorization bypass vulnerability

Keywords:
Status:	NEW
Alias:	CVE-2026-34040
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2455306 2455307 2455308
Blocks:
TreeView+	depends on / blocked

Reported:	2026-03-31 03:01 UTC by OSIDB Bzimport
Modified:	2026-04-06 05:23 UTC (History)
CC List:	20 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2026-03-31 03:01:59 UTC

Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

Note You need to log in before you can comment on or make changes to this bug.

alcohan
amctagga
aoconnor
bniver
fdeutsch
flucifre
gmeno
gparvin
groman
jbalunas
mbenjamin
mhackett
oramraz
pahickey
rhaigner
smullick
sostapov
stirabos
thason
vereddy