Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-34079
OS Command injection vulnerability in Mintzo Docker-Tester up to and including 1.2.1 allows malicious users to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.
Docker-tester Project Docker-tester
10
CVSSv2
CVE-2022-0543
It exists, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.
Redis Redis -
1 Metasploit module
10 Github repositories
10
CVSSv2
CVE-2020-24264
Portainer 1.24.1 and previous versions is affected by incorrect access control that may lead to remote arbitrary code execution. The restriction checks for bind mounts are applied only on the client-side and not the server-side, which can lead to spawning a container with bind mo...
Portainer Portainer
10
CVSSv2
CVE-2020-35184
The official composer docker images prior to 1.8.3 contain a blank password for a root user. System using the composer docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank password.
Docker Composer Docker Image
10
CVSSv2
CVE-2020-35186
The official adminer docker images prior to 4.7.0-fastcgi contain a blank password for a root user. System using the adminer docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank password.
Docker Adminer
10
CVSSv2
CVE-2020-35190
The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. System using the plone docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a b...
Plone Plone
10
CVSSv2
CVE-2020-35196
The official rabbitmq docker images prior to 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. System using the rabbitmq docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root ...
Docker Rabbitmq Docker Image
10
CVSSv2
CVE-2020-35197
The official memcached docker images prior to 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a bl...
Docker Memcached Docker Image
10
CVSSv2
CVE-2020-35191
The official drupal docker images prior to 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blan...
Drupal Drupal Docker Images 8.3.0-fpm-alpine
Drupal Drupal Docker Images
1 Github repository
10
CVSSv2
CVE-2020-35192
The official vault docker images prior to 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote malicious user to achieve root access with a blank password.
Hashicorp Vault
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »