Vulnerabilities > Docker

DATE CVE VULNERABILITY TITLE RISK
2022-05-25 CVE-2021-44719 Files or Directories Accessible to External Parties vulnerability in Docker Desktop
Docker Desktop 4.3.0 has Incorrect Access Control.
local
low complexity
docker CWE-552
6.6
2022-03-25 CVE-2022-26659 Link Following vulnerability in Docker Desktop
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file.
local
low complexity
docker CWE-59
3.6
2022-02-19 CVE-2022-25365 Unspecified vulnerability in Docker
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files.
local
low complexity
docker
4.6
2022-02-01 CVE-2022-23774 Unspecified vulnerability in Docker Desktop
Docker Desktop before 4.4.4 on Windows allows attackers to move arbitrary files.
network
low complexity
docker
5.0
2022-01-12 CVE-2021-45449 Information Exposure Through Log Files vulnerability in Docker Desktop 4.3.0/4.3.1
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login.
local
low complexity
docker CWE-532
2.1
2021-10-04 CVE-2021-41092 Information Exposure vulnerability in multiple products
Docker CLI is the command line interface for the docker container runtime.
network
low complexity
docker fedoraproject CWE-200
5.0
2021-08-12 CVE-2021-37841 Incorrect Permission Assignment for Critical Resource vulnerability in Docker Desktop
Docker Desktop before 3.6.0 suffers from incorrect access control.
local
low complexity
docker CWE-732
4.6
2021-02-02 CVE-2021-21285 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon.
network
low complexity
docker debian netapp CWE-754
6.5
2021-02-02 CVE-2021-21284 Path Traversal vulnerability in multiple products
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root.
low complexity
docker debian netapp CWE-22
2.7
2021-01-15 CVE-2021-3162 Improper Certificate Validation vulnerability in Docker
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
local
low complexity
docker CWE-295
4.6