Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

19 advisories

Loading
Path Traversal in Docker Moderate
CVE-2014-9356 was published for github.com/docker/docker (Go) May 18, 2021
picatz neersighted
Information Exposure in Docker Engine High
CVE-2015-3630 was published for github.com/docker/docker (Go) Feb 15, 2022
neersighted
Arbitrary File Override in Docker Engine Moderate
CVE-2015-3631 was published for github.com/docker/docker (Go) Feb 15, 2022
neersighted
Moby Docker cp broken with debian containers Critical
CVE-2019-14271 was published for github.com/docker/docker (Go) May 24, 2022
yoshizawa-masatoshi neersighted
Poetry Argument Injection can lead to Local Code Execution High
CVE-2022-36069 was published for poetry (pip) Sep 16, 2022
paul-gerste-sonarsource neersighted
Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions Moderate
CVE-2022-36109 was published for github.com/docker/docker (Go) Sep 16, 2022
sjmurdoch neersighted
cleo is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42966 was published for cleo (pip) Nov 10, 2022
neersighted tdunlap607
Container build can leak any path on the host into the container Low
GHSA-vp35-85q5-9f25 was published for github.com/docker/docker (Go) Nov 11, 2022
leonwxqian corhere
neersighted
Docker Swarm encrypted overlay network with a single endpoint is unauthenticated Moderate
CVE-2023-28842 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere neersighted
cpuguy83 tianon quadespresso laurazard akerouanton
Docker Swarm encrypted overlay network traffic may be unencrypted Moderate
CVE-2023-28841 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere cpuguy83
tianon laurazard akerouanton quadespresso neersighted
Docker Swarm encrypted overlay network may be unauthenticated High
CVE-2023-28840 was published for github.com/docker/docker (Go) Apr 4, 2023
corhere quadespresso
cpuguy83 tianon neersighted laurazard akerouanton
/sys/devices/virtual/powercap accessible by default to containers Moderate
GHSA-jq35-85cj-fj4p was published for github.com/docker/docker (Go) Oct 30, 2023
zhangzhics garrisongys
neersighted gabriellavengeo AdallomRoy
containerd allows RAPL to be accessible to a container Moderate
GHSA-7ww5-4wqc-m92c was published for github.com/containerd/containerd (Go) Dec 19, 2023
garrisongys neersighted
Path Traversal in Moby builder Moderate
CVE-2020-27534 was published for github.com/docker/docker (Go) Jan 31, 2024
neersighted
moby Access to remapped root allows privilege escalation to real root Moderate
CVE-2021-21284 was published for github.com/moby/moby (Go) Jan 31, 2024
ajxchapman awprice
nathanburrell raulgomis chris-walz mark-adams dbaxa cpuguy83 neersighted
moby docker daemon crash during image pull of malicious image Moderate
CVE-2021-21285 was published for github.com/moby/moby (Go) Jan 31, 2024
bgeesaman joshlarsen
IanColdwater mauilion raesene cpuguy83 neersighted
Docker Authentication Bypass High
CVE-2018-12608 was published for github.com/docker/docker (Go) Jan 31, 2024
neersighted
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
Moby's external DNS requests from 'internal' networks could lead to data exfiltration Moderate
CVE-2024-29018 was published for github.com/docker/docker (Go) Mar 20, 2024
robmry akerouanton
neersighted gabriellavengeo cibofo
ProTip! Advisories are also available from the GraphQL API