VYPR

Docker

by Red Hat

CVEs (4)

  • CVE-2020-14300HigJul 13, 2020
    risk 0.57cvss 8.8epss 0.00

    The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the…

  • CVE-2020-14298HigJul 13, 2020
    risk 0.57cvss 8.8epss 0.00

    The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container…

  • CVE-2021-33183HigJun 1, 2021
    risk 0.51cvss 7.9epss 0.00

    Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability container volume management component in Synology Docker before 18.09.0-0515 allows local users to read or write arbitrary files via unspecified vectors.

  • CVE-2015-1843Apr 6, 2015
    risk 0.00cvss epss 0.02

    The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a…