Vulnerabilities > Docker

DATE CVE VULNERABILITY TITLE RISK
2020-12-30 CVE-2020-27534 Path Traversal vulnerability in Docker
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
network
low complexity
docker CWE-22
5.0
2020-12-17 CVE-2020-35197 Missing Authentication for Critical Function vulnerability in Docker Memcached Docker Image
The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-17 CVE-2020-35196 Missing Authentication for Critical Function vulnerability in Docker Rabbitmq Docker Image
The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-17 CVE-2020-35195 Missing Authentication for Critical Function vulnerability in Docker Haproxy Docker Image
The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-17 CVE-2020-35186 Missing Authentication for Critical Function vulnerability in Docker Adminer
The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-17 CVE-2020-35184 Missing Authentication for Critical Function vulnerability in Docker Composer
The official composer docker images before 1.8.3 contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-17 CVE-2020-35185 Missing Authentication for Critical Function vulnerability in Docker Ghost Alpine Docker Image
The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-15 CVE-2020-35467 Missing Authentication for Critical Function vulnerability in Docker Docs
The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-11 CVE-2020-29591 Weak Password Requirements vulnerability in Docker Registry
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user.
network
low complexity
docker CWE-521
critical
10.0
2020-12-08 CVE-2020-29601 Unspecified vulnerability in Docker Notary Docker Image
The official notary docker images before signer-0.6.1-1 contain a blank password for a root user.
network
low complexity
docker
critical
10.0