VYPR: Vendor CVEs for Docker

All CVEs (93 total · sorted by risk)
  • CVE-2025-9074 · Critical · Aug 20, 2025
    risk 0.64 · epss 0.02

    A vulnerability was identified in Docker Desktop that allows local running Linux containers to access the Docker Engine API via the configured Docker subnet, at 192.168.65.7:2375 by default. This vulnerability occurs with or without Enhanced Container Isolation (ECI) enabled,…

  • CVE-2015-9259 · Critical · Mar 31, 2018
    risk 0.64 · cvss 9.8 · epss 0.01

    In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. Even if a user creates a new root.json file after a key compromise, an attacker can produce update files referring to…

  • CVE-2025-12744 · High · Dec 3, 2025
    risk 0.60 · cvss 8.8 · epss 0.01

    A flaw was found in the ABRT daemon’s handling of user-supplied mount information. ABRT copies up to 12 characters from an untrusted input and places them directly into a shell command (docker inspect %s) without proper validation. An unprivileged local user can craft a payload…

  • CVE-2024-41110 · Critical · Jul 24, 2024
    risk 0.59 · cvss 9.9 · epss 0.17

    Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. The base…

  • CVE-2024-9348 · High · Oct 16, 2024
    risk 0.58 · epss 0.00

    Docker Desktop before v4.34.3 allows RCE via unsanitized GitHub source link in Build view.

  • CVE-2026-6406 · High · May 22, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    The Docker CLI --use-api-socket flag bypasses Enhanced Container Isolation (ECI) restrictions in Docker Desktop. When ECI is enabled, Docker socket mounts from containers are denied unless explicitly allowed via the admin-settings configuration. However, the --use-api-socket…

  • CVE-2025-9164 · High · Oct 27, 2025
    risk 0.57 · epss 0.00

    Docker Desktop Installer.exe is vulnerable to DLL hijacking due to insecure DLL search order. The installer searches for required DLLs in the user's Downloads folder before checking system directories, allowing local privilege escalation through malicious DLL placement. This…

  • CVE-2025-10657 · High · Sep 26, 2025
    risk 0.57 · epss 0.00

    In a hardened Docker environment, with Enhanced Container Isolation (ECI, https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/) enabled, an administrator can utilize the command restrictions feature https://docs.docker.com/enterprise/securi…

  • CVE-2018-15514 · High · Sep 1, 2018
    risk 0.57 · cvss 8.8 · epss 0.02

    HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in…

  • CVE-2026-8936 · High · Jun 2, 2026
    risk 0.53 · epss 0.00

    Fixed a VM panic caused by unbounded recursion in the grpcfuse kernel module when a container created deeply nested directories on a bind-mounted host folder and triggered a dentry invalidation event. This issue has been fixed in Docker Desktop 4.76.0.

  • CVE-2026-5843 · High · May 22, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    The MLX inference backend in Docker Model Runner on macOS uses the MLX-LM library, which unconditionally imports and executes arbitrary Python files from model directories via the model_file configuration field in config.json. When a model's config.json specifies a model_file…

  • CVE-2026-5817 · High · May 22, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    The vllm-metal inference backend in Docker Model Runner on macOS unconditionally sets trust_remote_code=True when loading model tokenizers, and runs without sandboxing. This causes transformers.AutoTokenizer.from_pretrained() to import and execute arbitrary Python files included…

  • CVE-2014-5282 · High · Feb 6, 2018
    risk 0.53 · cvss 8.1 · epss 0.01

    Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

  • CVE-2026-33990 · Critical · Apr 1, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the…

  • CVE-2025-62725 · High · Oct 27, 2025
    risk 0.52 · epss 0.14

    Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker‑supplied value from com.docker.compose.file/com.docker.compose.envfile…

  • CVE-2026-34040 · High · Mar 31, 2026
    risk 0.51 · cvss 8.8 · epss 0.08

    Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.

  • CVE-2014-0047 · High · Oct 6, 2017
    risk 0.51 · cvss 7.8 · epss 0.00

    Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.

  • CVE-2026-28400 · High · Feb 27, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are passed directly to the underlying…

  • CVE-2016-8867 · High · Oct 28, 2016
    risk 0.49 · cvss 7.5 · epss 0.03

    Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.

  • CVE-2026-42306 · High · Jun 12, 2026
    risk 0.47 · cvss 7.2 · epss 0.00

    Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to redirect a bind mount…

  • CVE-2025-14740 · Medium · Feb 4, 2026
    risk 0.44 · cvss 6.7 · epss 0.00

    Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation…

  • CVE-2024-57782 · Medium · Feb 13, 2025
    risk 0.44 · cvss 6.8 · epss 0.00

    An issue in Docker-proxy v18.09.0 allows attackers to cause a denial of service.

  • CVE-2016-3697 · High · Jun 1, 2016
    risk 0.44 · cvss 7.8 · epss 0.00

    libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.

  • CVE-2015-3629 · High · May 18, 2015
    risk 0.44 · cvss 7.8 · epss 0.01

    Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.

  • CVE-2017-14992 · Medium · Nov 1, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    Lack of content verification in Docker-CE (also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing.

  • CVE-2017-11468 · High · Jul 20, 2017
    risk 0.42 · cvss 7.5 · epss 0.03

    Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.

  • CVE-2016-6595 · Medium · Jan 4, 2017
    risk 0.42 · cvss 6.5 · epss 0.02

    The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is…

  • CVE-2026-41568 · Medium · Jun 12, 2026
    risk 0.40 · cvss 6.1 · epss 0.00

    Moby is an open source container framework. In Docker Engine prior to version 29.5.1, Docker Daemon versions 28.5.2 and prior, and Moby Daemon prior to version 2.0.0-beta.14, a race condition during docker cp mount setup allows a malicious container to create empty files or…

  • CVE-2026-55887 · High · Jun 18, 2026
    risk 0.38

    Summary: A maliciously crafted OCI image label can inject arbitrary arguments into the `docker run` command line constructed by the MCP Gateway. An attacker who controls an image that the victim references via `docker://`, or that the victim's catalog pulls a snapshot from,…

  • CVE-2026-33997 · Medium · Mar 31, 2026
    risk 0.37 · cvss 6.8 · epss 0.00

    Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. Due to an error in the daemon's privilege comparison logic, the daemon may…

  • CVE-2016-9962 · Medium · Jan 31, 2017
    risk 0.35 · cvss 6.4 · epss 0.00

    RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to…

  • CVE-2025-6587 · Medium · Jul 3, 2025
    risk 0.34 · epss 0.00

    System environment variables are recorded in Docker Desktop diagnostic logs when using shell auto-completion. This leads to unintentional disclosure of sensitive information such as API keys, passwords, etc. A malicious actor with read access to these logs could obtain…

  • CVE-2025-3911 · Medium · Apr 29, 2025
    risk 0.34 · epss 0.00

    Recording of environment variables, configured for running containers, in Docker Desktop application logs could lead to unintentional disclosure of sensitive information such as api keys, passwords, etc. A malicious actor with read access to these logs could obtain sensitive…

  • CVE-2025-1696 · Medium · Mar 6, 2025
    risk 0.34 · epss 0.00

    A vulnerability exists in Docker Desktop prior to version 4.39.0 that could lead to the unintentional disclosure of sensitive information via application logs. In affected versions, proxy configuration data—potentially including sensitive details—was written to log files in…

  • CVE-2025-4095 · Medium · Apr 29, 2025
    risk 0.28 · epss 0.00

    Registry Access Management (RAM) is a security feature allowing administrators to restrict access for their developers to only allowed registries. When a MacOS configuration profile is used to enforce organization sign-in, the RAM policies are not being applied, which would…

  • CVE-2025-0495 · Medium · Mar 17, 2025
    risk 0.20 · epss 0.00

    Buildx is a Docker CLI plugin that extends build capabilities using BuildKit. Cache backends support credentials by setting secrets directly as attribute values in cache-to/cache-from configuration. When supplied as user input, these secure values may be inadvertently captured…

  • CVE-2019-15752 · KEV · Aug 28, 2019
    risk 0.19 · epss 0.30

    Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate…

  • CVE-2018-15664 · May 23, 2019
    risk 0.01 · epss 0.03

    In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not…

  • CVE-2014-9357 · Dec 16, 2014
    risk 0.01 · epss 0.06

    Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.

  • CVE-2026-12539 · Jun 18, 2026
    risk 0.00 · epss 0.00

    Docker Sandboxes (sbx) blocks ICMP egress with an authorizer applied only at network-creation time, and does not re-apply it to networks rebuilt from disk when the Docker daemon restarts, so a restart-surviving sandbox forwards ICMP to arbitrary hosts. A workload inside a…

  • CVE-2026-12039 · Jun 18, 2026
    risk 0.00 · epss 0.00

    Docker Sandboxes (sbx) enforces an HTTP/S-only egress allowlist but does not apply it to DNS resolution: the per-network embedded DNS server forwards any queried name to the host resolver whenever the network is internet-connected, without consulting the policy. A workload…

  • CVE-2025-15558 · Mar 4, 2026
    risk 0.00 · epss 0.00

    Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. A low-privileged attacker can create this directory and place malicious CLI plugin binaries (docker-compose.exe, docker-buildx.exe, etc.) that…

  • CVE-2026-2664 · Feb 24, 2026
    risk 0.00 · epss 0.00

    An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and macOS up to version 4.61.0 could allow a local attacker to cause an unspecified impact by writing to /proc/docker entries. The issue has been fixed…

  • CVE-2025-13743 · Dec 9, 2025
    risk 0.00 · epss 0.00

    Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This poses a risk of leaking sensitive information in exported diagnostics, especially when access denied errors occurred.

  • CVE-2025-3224 · Apr 28, 2025
    risk 0.00 · epss 0.00

    A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path…

  • CVE-2024-8696 · Sep 12, 2024
    risk 0.00 · epss 0.01

    A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2.

  • CVE-2024-8695 · Sep 12, 2024
    risk 0.00 · epss 0.01

    A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2.

  • CVE-2024-6222 · Jul 9, 2024
    risk 0.00 · epss 0.01

    In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages. Docker Desktop v4.29.0 https://docs.docker.com/desktop/release-note…

  • CVE-2024-5652 · Jul 9, 2024
    risk 0.00 · epss 0.00

    Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode.

  • CVE-2020-27352 · Jun 21, 2024
    risk 0.00 · epss 0.00

    When generating the systemd service units for the docker snap (and other similar snaps), snapd does not specify Delegate=yes - as a result systemd will move processes from the containers created and managed by these snaps into the cgroup of the main daemon within the snap itself…

Page 1 of 2