| CVE-2014-9358 |
medium |
— |
6.4 |
|
|
|
12y ago |
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation o… |
| CVE-2026-41568 |
medium |
— |
5.5 |
|
|
|
16d ago |
Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap |
| CVE-2021-41089 |
medium |
— |
5.5 |
|
|
|
2y ago |
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted… |
| CVE-2021-41091 |
medium |
— |
5.5 |
|
|
|
2y ago |
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirec… |
| CVE-2014-6408 |
medium |
— |
5.0 |
|
|
|
12y ago |
Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image. |
| CVE-2014-5277 |
medium |
— |
5.0 |
|
|
|
12y ago |
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain auth… |
| CVE-2026-33997 |
unknown |
— |
— |
|
|
|
2mo ago |
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to be bypassed during docker plugin install. D… |
| CVE-2025-54410 |
unknown |
— |
— |
|
|
|
10mo ago |
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. A firewalld vulne… |
| CVE-2025-54388 |
unknown |
— |
— |
|
|
|
10mo ago |
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.… |
| CVE-2024-41110 |
unknown |
— |
— |
|
|
|
2y ago |
Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypas… |
| CVE-2024-32473 |
unknown |
— |
— |
|
|
|
2y ago |
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on netwo… |
| CVE-2024-29018 |
unknown |
— |
— |
|
|
|
2y ago |
Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows … |
| CVE-2024-24557 |
unknown |
— |
— |
|
|
|
2y ago |
Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch. Also, changes to… |
| CVE-2018-12608 |
unknown |
— |
— |
|
|
|
2y ago |
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows sy… |
| CVE-2020-27534 |
unknown |
— |
— |
|
|
|
2y ago |
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.T… |
| CVE-2023-28840 |
unknown |
— |
— |
|
|
|
3y ago |
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon componen… |
| CVE-2023-28841 |
unknown |
— |
— |
|
|
|
3y ago |
Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon componen… |
| CVE-2023-28842 |
unknown |
— |
— |
|
|
|
3y ago |
Moby) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon compone… |
| CVE-2022-36109 |
unknown |
— |
— |
|
|
|
4y ago |
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has di… |
| CVE-2019-14271 |
unknown |
— |
— |
|
|
|
4y ago |
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the conten… |
| CVE-2019-13509 |
unknown |
— |
— |
|
|
|
4y ago |
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a… |
| CVE-2014-9356 |
unknown |
— |
— |
|
|
|
5y ago |
Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or… |
