Docker
by Docker
CVEs (27)
| CVE | Severity | Risk | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|---|
| CVE-2024-41110 | Critical | 0.59 | 9.9 | 0.17 | Jul 24, 2024 | Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base… |
| CVE-2024-9348 | High | 0.58 | — | 0.00 | Oct 16, 2024 | Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view. |
| CVE-2018-15514 | High | 0.57 | 8.8 | 0.02 | Sep 1, 2018 | HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in… |
| CVE-2014-5282 | High | 0.53 | 8.1 | 0.01 | Feb 6, 2018 | Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'. |
| CVE-2014-0047 | High | 0.51 | 7.8 | 0.00 | Oct 6, 2017 | Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. |
| CVE-2016-8867 | High | 0.49 | 7.5 | 0.03 | Oct 28, 2016 | Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes. |
| CVE-2016-3697 | High | 0.44 | 7.8 | 0.00 | Jun 1, 2016 | libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. |
| CVE-2017-14992 | Medium | 0.42 | 6.5 | 0.02 | Nov 1, 2017 | Lack of content verification in Docker-CE (also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing. |
| CVE-2016-6595 | Medium | 0.42 | 6.5 | 0.02 | Jan 4, 2017 | The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is… |
| CVE-2016-9962 | Medium | 0.35 | 6.4 | 0.00 | Jan 31, 2017 | RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to… |
| CVE-2018-15664 | — | 0.01 | — | 0.03 | May 23, 2019 | In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not… |
| CVE-2014-9357 | — | 0.01 | — | 0.06 | Dec 16, 2014 | Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction. |
| CVE-2025-15558 | — | 0.00 | — | 0.00 | Mar 4, 2026 | Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that… |
| CVE-2020-27352 | — | 0.00 | — | 0.00 | Jun 21, 2024 | When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself… |
| CVE-2020-35467 | — | 0.00 | — | 0.02 | Dec 15, 2020 | The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. Systems deployed using affected versions of the Docker Docs container may allow a remote attacker to achieve root access with a blank password. |
| CVE-2014-5278 | — | 0.00 | — | 0.02 | Feb 7, 2020 | A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs. |
| CVE-2014-0048 | — | 0.00 | — | 0.07 | Jan 2, 2020 | An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways. |
| CVE-2019-5736 | — | 0.00 | — | 0.99 | Feb 11, 2019 | runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new… |
| CVE-2018-10892 | Medium | 0.00 | 5.3 | 0.01 | Jul 6, 2018 | The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. |
| CVE-2015-3631 | — | 0.00 | — | 0.01 | May 18, 2015 | Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc. |

Severity, Risk and EPSS are the listing site's own scores; "—" marks a value the listing does not give. Descriptions ending in "…" are truncated on the source page.
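CVE-2016-3697 in the table comes down to one lookup rule: whether a numeric `-u` argument is allowed to match a passwd entry by login name. The Go program below is an added example written for this page, not code from runc, Moby or Docker; it models the pre-fix and post-fix rules side by side over a constructed, attacker-shaped /etc/passwd so the privilege change is visible. The function names and the sample passwd file are this example's own assumptions.

```go
package main

import (
	"bufio"
	"fmt"
	"strconv"
	"strings"
)

// PasswdEntry holds the fields of one /etc/passwd line that user resolution needs.
type PasswdEntry struct {
	Name string
	Uid  int
	Gid  int
}

// ParsePasswd parses passwd-format text (name:password:uid:gid:gecos:home:shell).
func ParsePasswd(content string) ([]PasswdEntry, error) {
	var entries []PasswdEntry
	sc := bufio.NewScanner(strings.NewReader(content))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") {
			continue
		}
		f := strings.Split(line, ":")
		if len(f) != 7 {
			return nil, fmt.Errorf("malformed passwd line: %q", line)
		}
		uid, err := strconv.Atoi(f[2])
		if err != nil {
			return nil, fmt.Errorf("bad uid in %q: %w", line, err)
		}
		gid, err := strconv.Atoi(f[3])
		if err != nil {
			return nil, fmt.Errorf("bad gid in %q: %w", line, err)
		}
		entries = append(entries, PasswdEntry{Name: f[0], Uid: uid, Gid: gid})
	}
	return entries, sc.Err()
}

// parseUID reports whether userArg is a plain non-negative integer.
func parseUID(userArg string) (int, bool) {
	n, err := strconv.Atoi(userArg)
	return n, err == nil && n >= 0
}

// ResolveUserVulnerable models the flaw in the CVE: the argument is compared
// against the login name as well as the UID, so an image whose passwd contains
// a user *named* "1000" with UID 0 turns a request for UID 1000 into root.
func ResolveUserVulnerable(entries []PasswdEntry, userArg string) (int, error) {
	uidArg, isNumeric := parseUID(userArg)
	for _, e := range entries {
		if e.Name == userArg || (isNumeric && e.Uid == uidArg) {
			return e.Uid, nil
		}
	}
	if isNumeric {
		return uidArg, nil // no passwd entry: use the numeric UID directly
	}
	return -1, fmt.Errorf("unknown user %q", userArg)
}

// ResolveUserFixed applies the corrected rule: a numeric argument is a UID and
// is matched only on the UID field; the login name is consulted only when the
// argument is not numeric.
func ResolveUserFixed(entries []PasswdEntry, userArg string) (int, error) {
	uidArg, isNumeric := parseUID(userArg)
	for _, e := range entries {
		if isNumeric && e.Uid == uidArg {
			return e.Uid, nil
		}
		if !isNumeric && e.Name == userArg {
			return e.Uid, nil
		}
	}
	if isNumeric {
		return uidArg, nil
	}
	return -1, fmt.Errorf("unknown user %q", userArg)
}

// MaliciousPasswd is a constructed /etc/passwd as an attacker-controlled image
// would ship it: there is no real UID 1000, but there is a login *named* "1000"
// whose UID is 0.
const MaliciousPasswd = `root:x:0:0:root:/root:/bin/sh
1000:x:0:0:not-really-a-user:/:/bin/sh
app:x:1001:1001::/home/app:/bin/sh
`

func main() {
	entries, err := ParsePasswd(MaliciousPasswd)
	if err != nil {
		panic(err)
	}
	for _, arg := range []string{"1000", "app", "root"} {
		v, _ := ResolveUserVulnerable(entries, arg)
		f, _ := ResolveUserFixed(entries, arg)
		fmt.Printf("-u %-5s  vulnerable=%d  fixed=%d\n", arg, v, f)
	}
}
```

Running it shows `-u 1000` resolving to UID 0 under the vulnerable rule and to UID 1000 under the fixed one, while name lookups such as `-u app` behave identically in both. The practical takeaway for image review is that /etc/passwd inside an untrusted image is attacker input: a runtime must never let it reinterpret a numeric UID the operator asked for.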
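CVE-2017-14992 describes layer extraction that trusts the compressed stream and inflates whatever comes out. The Go program below is an added example written for this page, not Moby's layer code; it shows the unbounded pattern next to a bounded one that stops as soon as the output exceeds a cap, and builds a constructed gzip "bomb" of zero bytes to exercise both. The cap (8 MiB here) is a policy value chosen for the example; a real daemon would derive it from its own limits or from the image metadata.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"errors"
	"fmt"
	"io"
)

// ErrLayerTooLarge is returned when the decompressed layer exceeds the cap.
var ErrLayerTooLarge = errors.New("decompressed layer exceeds size limit")

// ExtractLayerUnbounded is the pattern the CVE describes: inflate the whole
// stream with no check on how much it expands to.
func ExtractLayerUnbounded(compressed io.Reader) ([]byte, error) {
	gz, err := gzip.NewReader(compressed)
	if err != nil {
		return nil, err
	}
	defer gz.Close()
	return io.ReadAll(gz)
}

// ExtractLayerBounded inflates at most maxBytes+1 bytes. Getting that extra
// byte proves the payload is over the cap, so a bomb is rejected after
// producing only maxBytes of output instead of all of it.
func ExtractLayerBounded(compressed io.Reader, maxBytes int64) ([]byte, error) {
	gz, err := gzip.NewReader(compressed)
	if err != nil {
		return nil, err
	}
	defer gz.Close()

	lr := &io.LimitedReader{R: gz, N: maxBytes + 1}
	out, err := io.ReadAll(lr)
	if err != nil {
		return nil, err
	}
	if int64(len(out)) > maxBytes {
		return nil, ErrLayerTooLarge
	}
	return out, nil
}

// MakeBomb builds a constructed gzip bomb: n zero bytes, which deflate
// compresses by roughly three orders of magnitude.
func MakeBomb(n int) []byte {
	var buf bytes.Buffer
	zw, _ := gzip.NewWriterLevel(&buf, gzip.BestCompression)
	zeros := make([]byte, 1<<16)
	for written := 0; written < n; {
		chunk := len(zeros)
		if n-written < chunk {
			chunk = n - written
		}
		zw.Write(zeros[:chunk])
		written += chunk
	}
	zw.Close()
	return buf.Bytes()
}

func main() {
	const cap = 8 << 20 // 8 MiB policy limit for this example

	bomb := MakeBomb(32 << 20) // 32 MiB of zeros, tens of KiB compressed
	fmt.Printf("compressed bomb: %d bytes\n", len(bomb))

	_, err := ExtractLayerBounded(bytes.NewReader(bomb), cap)
	fmt.Println("bounded extraction:", err)

	small, err := ExtractLayerBounded(bytes.NewReader(MakeBomb(1024)), cap)
	fmt.Println("small layer:", len(small), "bytes,", err)
}
```

The bounded version never holds more than `maxBytes+1` bytes in memory regardless of what the stream expands to; the unbounded version is what lets a few kilobytes of upload become gigabytes of daemon memory or disk. The same `LimitedReader` wrapping works unchanged in front of a tar reader when layers are streamed to disk rather than buffered.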
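CVE-2018-10892 in the table is a gap in the default OCI spec's `linux.maskedPaths` list. The Go program below is an added example written for this page, not Moby's `oci/defaults` code; it audits a container's `config.json` for missing masks and emits a hardened copy, operating on a constructed config that masks several /proc paths but not /proc/acpi. Only /proc/acpi is taken from the CVE; the rest of `RequiredMaskedPaths` is an assumed baseline for this example, as are the function names.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// RequiredMaskedPaths is the baseline this audit enforces. /proc/acpi is the
// path CVE-2018-10892 is about; the other entries are an assumed baseline for
// this example and should be aligned with your runtime's defaults.
var RequiredMaskedPaths = []string{
	"/proc/acpi",
	"/proc/kcore",
	"/proc/keys",
	"/proc/latency_stats",
	"/proc/timer_list",
	"/proc/timer_stats",
	"/proc/sched_debug",
	"/sys/firmware",
}

// maskedPaths extracts linux.maskedPaths from a decoded config.json; a missing
// linux section or list yields an empty slice.
func maskedPaths(cfg map[string]any) []string {
	linux, _ := cfg["linux"].(map[string]any)
	raw, _ := linux["maskedPaths"].([]any)
	out := make([]string, 0, len(raw))
	for _, p := range raw {
		if s, ok := p.(string); ok {
			out = append(out, s)
		}
	}
	return out
}

// MissingMaskedPaths returns, sorted, the required paths configJSON does not mask.
func MissingMaskedPaths(configJSON []byte) ([]string, error) {
	var cfg map[string]any
	if err := json.Unmarshal(configJSON, &cfg); err != nil {
		return nil, fmt.Errorf("parse config.json: %w", err)
	}
	have := map[string]bool{}
	for _, p := range maskedPaths(cfg) {
		have[p] = true
	}
	var missing []string
	for _, p := range RequiredMaskedPaths {
		if !have[p] {
			missing = append(missing, p)
		}
	}
	sort.Strings(missing)
	return missing, nil
}

// HardenMaskedPaths returns a copy of configJSON with every required path added
// to linux.maskedPaths. Decoding into a generic map keeps every other field intact.
func HardenMaskedPaths(configJSON []byte) ([]byte, error) {
	var cfg map[string]any
	if err := json.Unmarshal(configJSON, &cfg); err != nil {
		return nil, fmt.Errorf("parse config.json: %w", err)
	}
	linux, ok := cfg["linux"].(map[string]any)
	if !ok {
		linux = map[string]any{}
		cfg["linux"] = linux
	}
	paths := maskedPaths(cfg)
	have := map[string]bool{}
	for _, p := range paths {
		have[p] = true
	}
	for _, p := range RequiredMaskedPaths {
		if !have[p] {
			paths = append(paths, p)
		}
	}
	linux["maskedPaths"] = paths
	return json.MarshalIndent(cfg, "", "  ")
}

// PreFixConfig is a constructed config.json fragment: common /proc masks are
// present, /proc/acpi is not. It is sample input for this example, not a
// capture from any Docker version.
const PreFixConfig = `{
  "ociVersion": "1.0.0",
  "process": {"args": ["/bin/sh"]},
  "linux": {
    "maskedPaths": ["/proc/kcore","/proc/keys","/proc/latency_stats","/proc/timer_list","/proc/timer_stats","/proc/sched_debug","/sys/firmware"],
    "readonlyPaths": ["/proc/bus","/proc/fs","/proc/irq","/proc/sys","/proc/sysrq-trigger"]
  }
}`

func main() {
	missing, err := MissingMaskedPaths([]byte(PreFixConfig))
	if err != nil {
		panic(err)
	}
	fmt.Println("missing masks:", missing)
	hardened, err := HardenMaskedPaths([]byte(PreFixConfig))
	if err != nil {
		panic(err)
	}
	fmt.Println(string(hardened))
}
```

On a live host the same check can be pointed at the `config.json` the runtime wrote for a running container; a quick empirical confirmation from inside a container is whether `/proc/acpi` appears as a writable directory or as a mask. Masking only matters when the path is writable in the first place, which is why the CVE's impact is limited to hosts whose kernel exposes ACPI controls under /proc.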
Page 1 of 2