Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker engine vulnerabilities and exploits
(subscribe to this query)
411
VMScore
CVE-2019-13139
In Docker prior to 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in comma...
Docker Docker
447
VMScore
CVE-2020-27534
util/binfmt_misc/check.go in Builder in Docker Engine prior to 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
Docker Docker
641
VMScore
CVE-2015-3629
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
Docker Libcontainer 1.6.0
Opensuse Opensuse 13.2
445
VMScore
CVE-2021-41092
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHel...
Docker Command Line Interface
Fedoraproject Fedora 34
Fedoraproject Fedora 35
605
VMScore
CVE-2018-20871
In Univa Grid Engine prior to 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).
Univa Grid Engine 8.6.3
392
VMScore
CVE-2021-41089
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the h...
Mobyproject Moby
Fedoraproject Fedora 34
Fedoraproject Fedora 35
1 Github repository
890
VMScore
CVE-2016-9223
A vulnerability in the Docker Engine configuration of Cisco CloudCenter Orchestrator (CCO; formerly CliQr) could allow an unauthenticated, remote malicious user to install Docker containers with high privileges on the affected system. Affected Products: This vulnerability affect ...
Cisco Cloudcenter Orchestrator 4.6.1
Cisco Cloudcenter Orchestrator 4.6.0
Cisco Cloudcenter Orchestrator 4.5.0
Cisco Cloudcenter Orchestrator 4.4.0
410
VMScore
CVE-2021-41091
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently restricted permissions, allowing otherwise unprivilege...
Mobyproject Moby
Fedoraproject Fedora 34
Fedoraproject Fedora 35
3 Github repositories
445
VMScore
CVE-2018-12608
An issue exists in Docker Moby prior to 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-t...
Mobyproject Moby
NA
CVE-2022-36109
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they...
Mobyproject Moby
Fedoraproject Fedora 36
Fedoraproject Fedora 37
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »