Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-9wuh-q68p-jyfu
SummaryMoby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulnerability affects Moby releases before 28.0.0. When firewalld reloads, Docker fails to re-create iptables rules that isolate bridge networks, allowing any container to access all ports on any other container across different bridge networks on the same host. This breaks network segmentation between containers that should be isolated, creating significant risk in multi-tenant environments. Only containers in --internal networks remain protected. Workarounds include reloading firewalld and either restarting the docker daemon, re-creating bridge networks, or using rootless mode. Maintainers anticipate a fix for this issue in version 25.0.13.
Aliases
0
alias CVE-2025-54410
1
alias GHSA-4vq8-7jfc-9cvp
Fixed_packages
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54410.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54410.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54410
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.0536
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54410
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54410
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54410
3
reference_url https://firewalld.org/documentation/howto/reload-firewalld.html
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T13:37:49Z/
url https://firewalld.org/documentation/howto/reload-firewalld.html
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/moby/moby
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moby/moby
6
reference_url https://github.com/moby/moby/pull/49443
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moby/moby/pull/49443
7
reference_url https://github.com/moby/moby/pull/49728
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/moby/moby/pull/49728
8
reference_url https://github.com/moby/moby/security/advisories/GHSA-4vq8-7jfc-9cvp
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-30T13:37:49Z/
url https://github.com/moby/moby/security/advisories/GHSA-4vq8-7jfc-9cvp
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-54410
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-54410
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110408
reference_id 1110408
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110408
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2384951
reference_id 2384951
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2384951
Weaknesses
0
cwe_id 909
name Missing Initialization of Resource
description The product does not initialize a critical resource.
Exploits
Severity_range_score0.1 - 3.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-9wuh-q68p-jyfu