UBUNTU-CVE-2026-33997
- Source
- https://ubuntu.com/security/CVE-2026-33997
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-33997.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-33997
- Upstream
- Published
- 2026-03-31T03:15:00Z
- Modified
- 2026-04-08T15:12:18.014200Z
- Severity
-
- 6.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may incorrectly accept a privilege set that differs from the one approved by the user. Plugins that request exactly one privilege are also affected, because no comparison is performed at all. This issue has been patched in version 29.3.1.
- References
Affected packages
Ubuntu:25.10
docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/ubuntu/docker.io@26.1.5+dfsg1-9ubuntu1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
docker.io-app
Package
- Name
- docker.io-app
- Purl
- pkg:deb/ubuntu/docker.io-app@29.1.3-0ubuntu3~25.10.1?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
27.*
27.5.1-0ubuntu3
27.5.1-0ubuntu4
28.*
28.2.2-0ubuntu1
29.*
29.1.3-0ubuntu3~25.10.1
Ubuntu:Pro:16.04:LTS
docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/ubuntu/docker.io@18.09.7-0ubuntu1~16.04.9+esm2?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.6.2~dfsg1-1ubuntu4
1.10.2-0ubuntu3
1.10.2-0ubuntu4
1.10.3-0ubuntu1
1.10.3-0ubuntu4
1.10.3-0ubuntu5
1.10.3-0ubuntu6
1.11.2-0ubuntu5~16.04
1.12.1-0ubuntu13~16.04.1
1.12.3-0ubuntu4~16.04.2
1.12.6-0ubuntu1~16.04.1
1.13.1-0ubuntu1~16.04.2
17.*
17.03.2-0ubuntu2~16.04.1
18.*
18.06.1-0ubuntu1~16.04.2
18.06.1-0ubuntu1.2~16.04.1
18.09.2-0ubuntu1~16.04.1
18.09.5-0ubuntu1~16.04.2
18.09.7-0ubuntu1~16.04.1
18.09.7-0ubuntu1~16.04.4
18.09.7-0ubuntu1~16.04.5
18.09.7-0ubuntu1~16.04.6
18.09.7-0ubuntu1~16.04.7
18.09.7-0ubuntu1~16.04.9+esm1
18.09.7-0ubuntu1~16.04.9+esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "18.09.7-0ubuntu1~16.04.9+esm2",
"binary_name": "docker.io"
},
{
"binary_version": "18.09.7-0ubuntu1~16.04.9+esm2",
"binary_name": "golang-docker-dev"
},
{
"binary_version": "18.09.7-0ubuntu1~16.04.9+esm2",
"binary_name": "golang-github-docker-docker-dev"
},
{
"binary_version": "18.09.7-0ubuntu1~16.04.9+esm2",
"binary_name": "vim-syntax-docker"
}
]
}Ubuntu:Pro:18.04:LTS
docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/ubuntu/docker.io@20.10.21-0ubuntu1~18.04.3+esm3?arch=source&distro=esm-apps/bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.13.1-0ubuntu6
17.*
17.03.2-0ubuntu1
17.03.2-0ubuntu3
17.03.2-0ubuntu5
17.12.1-0ubuntu1
18.*
18.06.1-0ubuntu1~18.04.1
18.06.1-0ubuntu1.2~18.04.1
18.09.2-0ubuntu1~18.04.1
18.09.5-0ubuntu1~18.04.2
18.09.7-0ubuntu1~18.04.1
18.09.7-0ubuntu1~18.04.3
18.09.7-0ubuntu1~18.04.4
19.*
19.03.6-0ubuntu1~18.04.1
19.03.6-0ubuntu1~18.04.2
19.03.6-0ubuntu1~18.04.3
20.*
20.10.2-0ubuntu1~18.04.2
20.10.2-0ubuntu1~18.04.3
20.10.7-0ubuntu1~18.04.1
20.10.7-0ubuntu1~18.04.2
20.10.7-0ubuntu5~18.04.2
20.10.7-0ubuntu5~18.04.3
20.10.12-0ubuntu2~18.04.1
20.10.21-0ubuntu1~18.04.2
20.10.21-0ubuntu1~18.04.3
20.10.21-0ubuntu1~18.04.3+esm1
20.10.21-0ubuntu1~18.04.3+esm2
20.10.21-0ubuntu1~18.04.3+esm3
Ecosystem specific
{
"binaries": [
{
"binary_version": "20.10.21-0ubuntu1~18.04.3+esm3",
"binary_name": "docker.io"
},
{
"binary_version": "20.10.21-0ubuntu1~18.04.3+esm3",
"binary_name": "golang-docker-dev"
},
{
"binary_version": "20.10.21-0ubuntu1~18.04.3+esm3",
"binary_name": "golang-github-docker-docker-dev"
},
{
"binary_version": "20.10.21-0ubuntu1~18.04.3+esm3",
"binary_name": "vim-syntax-docker"
}
]
}Ubuntu:Pro:20.04:LTS
docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/ubuntu/docker.io@20.10.21-0ubuntu1~20.04.6+esm2?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
19.*
19.03.2-0ubuntu1
19.03.6-0ubuntu1
19.03.8-0ubuntu1
19.03.8-0ubuntu1.20.04
19.03.8-0ubuntu1.20.04.1
19.03.8-0ubuntu1.20.04.2
20.*
20.10.2-0ubuntu1~20.04.2
20.10.2-0ubuntu1~20.04.3
20.10.7-0ubuntu1~20.04.1
20.10.7-0ubuntu1~20.04.2
20.10.7-0ubuntu5~20.04.1
20.10.7-0ubuntu5~20.04.2
20.10.12-0ubuntu2~20.04.1
20.10.21-0ubuntu1~20.04.1
20.10.21-0ubuntu1~20.04.2
20.10.21-0ubuntu1~20.04.4
20.10.21-0ubuntu1~20.04.5
20.10.21-0ubuntu1~20.04.6
20.10.21-0ubuntu1~20.04.6+esm1
20.10.21-0ubuntu1~20.04.6+esm2
Ecosystem specific
{
"binaries": [
{
"binary_version": "20.10.21-0ubuntu1~20.04.6+esm2",
"binary_name": "golang-docker-dev"
},
{
"binary_version": "20.10.21-0ubuntu1~20.04.6+esm2",
"binary_name": "golang-github-docker-docker-dev"
},
{
"binary_version": "20.10.21-0ubuntu1~20.04.6+esm2",
"binary_name": "vim-syntax-docker"
}
]
}docker.io-app
Package
- Name
- docker.io-app
- Purl
- pkg:deb/ubuntu/docker.io-app@26.1.3-0ubuntu1~20.04.1+esm1?arch=source&distro=esm-apps/focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20.*
20.10.25-0ubuntu1~20.04.1
20.10.25-0ubuntu1~20.04.2
24.*
24.0.5-0ubuntu1~20.04.1
24.0.7-0ubuntu2~20.04.1
26.*
26.1.3-0ubuntu1~20.04.1
26.1.3-0ubuntu1~20.04.1+esm1
Ubuntu:Pro:22.04:LTS
docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/ubuntu/docker.io@20.10.21-0ubuntu1~22.04.8+esm1?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20.*
20.10.7-0ubuntu5
20.10.7-0ubuntu7
20.10.12-0ubuntu1
20.10.12-0ubuntu2
20.10.12-0ubuntu3
20.10.12-0ubuntu3+gke1.24.1
20.10.12-0ubuntu4
20.10.21-0ubuntu1~22.04.2
20.10.21-0ubuntu1~22.04.3
20.10.21-0ubuntu1~22.04.5
20.10.21-0ubuntu1~22.04.6
20.10.21-0ubuntu1~22.04.7
20.10.21-0ubuntu1~22.04.7+esm1
20.10.21-0ubuntu1~22.04.7+esm2
20.10.21-0ubuntu1~22.04.8
20.10.21-0ubuntu1~22.04.8+esm1
Ecosystem specific
{
"binaries": [
{
"binary_version": "20.10.21-0ubuntu1~22.04.8+esm1",
"binary_name": "golang-docker-dev"
},
{
"binary_version": "20.10.21-0ubuntu1~22.04.8+esm1",
"binary_name": "golang-github-docker-docker-dev"
},
{
"binary_version": "20.10.21-0ubuntu1~22.04.8+esm1",
"binary_name": "vim-syntax-docker"
}
]
}docker.io-app
Package
- Name
- docker.io-app
- Purl
- pkg:deb/ubuntu/docker.io-app@27.5.1-0ubuntu3~22.04.2?arch=source&distro=esm-apps/jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20.*
20.10.25-0ubuntu1~22.04.1
20.10.25-0ubuntu1~22.04.2
24.*
24.0.5-0ubuntu1~22.04.1
24.0.7-0ubuntu2~22.04.1
26.*
26.1.3-0ubuntu1~22.04.1
26.1.3-0ubuntu1~22.04.1+esm1
27.*
27.5.1-0ubuntu3~22.04.1
27.5.1-0ubuntu3~22.04.2
28.*
28.2.2-0ubuntu1~22.04.1
29.*
29.1.3-0ubuntu3~22.04.1
Ubuntu:Pro:24.04:LTS
docker.io
Package
- Name
- docker.io
- Purl
- pkg:deb/ubuntu/docker.io@20.10.25+dfsg1-2ubuntu1.24.04.1+esm1?arch=source&distro=esm-apps/noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
20.*
20.10.24+dfsg1-1ubuntu2
20.10.25+dfsg1-2ubuntu1
20.10.25+dfsg1-2ubuntu1+esm1
20.10.25+dfsg1-2ubuntu1+esm2
20.10.25+dfsg1-2ubuntu1.24.04.1
20.10.25+dfsg1-2ubuntu1.24.04.1+esm1
docker.io-app
Package
- Name
- docker.io-app
- Purl
- pkg:deb/ubuntu/docker.io-app@27.5.1-0ubuntu3~24.04.2?arch=source&distro=esm-apps/noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
24.*
24.0.5-0ubuntu1
24.0.7-0ubuntu1
24.0.7-0ubuntu2
24.0.7-0ubuntu3
24.0.7-0ubuntu4
24.0.7-0ubuntu4.1
26.*
26.1.3-0ubuntu1~24.04.1
26.1.3-0ubuntu1~24.04.1+esm1
27.*
27.5.1-0ubuntu3~24.04.1
27.5.1-0ubuntu3~24.04.2
28.*
28.2.2-0ubuntu1~24.04.1
29.*
29.1.3-0ubuntu3~24.04.1