Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-54388

Good to know:

icon

Date: July 30, 2025

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including those created by Docker. While Docker should automatically recreate these rules, versions before 28.3.3 fail to recreate the specific rules that block external access to containers. This means that after a firewalld reload, containers with ports published to localhost (like 127.0.0.1:8080) become accessible from remote machines that have network routing to the Docker bridge, even though they should only be accessible from the host itself. The vulnerability only affects explicitly published ports - unpublished ports remain protected. This issue is fixed in version 28.3.3.

Severity Score

Related Resources (7)

https://github.com/moby/moby/commit/bea959c7b793b32a893820b97c4eadc7c87fabb0
https://nvd.nist.gov/vuln/detail/CVE-2025-54388
https://github.com/moby/moby
https://github.com/moby/moby/pull/50506
https://github.com/moby/moby/security/advisories/GHSA-x4rx-4gw3-53p4
https://security-tracker.debian.org/tracker/CVE-2025-54388
https://www.mend.io/vulnerability-database/CVE-2025-54388

Severity Score

Weakness Type (CWE)

Missing Initialization of Resource

CWE-909

Top Fix

icon

Upgrade Version

Upgrade to version github.com/docker/docker - v28.3.3

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): ADJACENT_NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Do you need more information?

Contact Us