moby v25.0.0 - v26.0.2 is vulnerable to NULL Pointer Dereference via daemon/images/image_history.go.
The product dereferences a pointer that it expects to be valid but is NULL.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Moby | Mobyproject | 25.0.0 (including) | 26.0.2 (including) |
| Red Hat OpenShift Container Platform 4.16 | RedHat | openshift4/ose-agent-installer-api-server-rhel9:v4.16.0-202503121138.p0.gef6fa80.assembly.stream.el9 | * |
| Red Hat OpenShift Container Platform 4.17 | RedHat | openshift4/ose-agent-installer-api-server-rhel9:v4.17.0-202502172135.p0.g9145aec.assembly.stream.el9 | * |