Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker docker 1.0.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2022-22978
In spring security versions before 5.4.11+, 5.5.7+ , 5.6.4+ and older unsupported versions, RegexRequestMatcher can easily be misconfigured to be bypassed on some servlet containers. Applications using RegexRequestMatcher with `.` in the regular expression are possibly vulnerable...
Vmware Spring Security
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.2.0
Oracle Financial Services Crime And Compliance Management Studio 8.0.8.3.0
Netapp Active Iq Unified Manager -
29 Github repositories
4
CVSSv2
CVE-2021-41190
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operat...
Linuxfoundation Open Container Initiative Image Format Specification
Linuxfoundation Open Container Initiative Distribution Specification
Fedoraproject Fedora 34
Fedoraproject Fedora 35
10
CVSSv2
CVE-2020-35463
Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote malicious user to achieve root access with a blank password.
Instana Dynamic Apm 1.0.0
4.4
CVSSv2
CVE-2019-19921
runc up to and including 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom image...
Linuxfoundation Runc 1.0.0
Linuxfoundation Runc
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
5
CVSSv2
CVE-2019-16884
runc up to and including 1.0.0-rc8, as used in Docker up to and including 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Linuxfoundation Runc
Linuxfoundation Runc 1.0.0
Docker Docker
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Opensuse Leap 15.0
Opensuse Leap 15.1
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.1
Redhat Openshift Container Platform 4.2
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
1 Github repository
7.5
CVSSv2
CVE-2018-11756
In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 (or earlier) may allow an malicious user to replace the user function inside the container if the user code is vulnerable to c...
Apache Openwhisk
5
CVSSv2
CVE-2018-10205
hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker.
Hyper Hyperstart 1.0.0
7.2
CVSSv2
CVE-2018-9862
util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows malicious users to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, ...
Hyper Runv 1.0.0
1 Github repository
9
CVSSv2
CVE-2017-10940
This vulnerability allows remote malicious users to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to agentsshar@1.0.0-release-20160901-20160901T051624Z-g3fd5adf (e469cf49-4de3-4658-8419-ab42837916ad). An attacker must first obtain the abilit...
Joyent Triton Datacenter -
7.5
CVSSv2
CVE-2016-8954
IBM dashDB Local uses hard-coded credentials that could allow a remote malicious user to gain access to the Docker container or database.
Ibm Dashdb Local 1.1.0
Ibm Dashdb Local 1.2.1
Ibm Dashdb Local 1.3.0
Ibm Dashdb Local 1.2.0
Ibm Dashdb Local 1.3.1
Ibm Dashdb Local 1.0.0
Ibm Dashdb Local 1.1.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »