Vulnerabilities > Docker
|2022-05-25||CVE-2021-44719|| Files or Directories Accessible to External Parties vulnerability in Docker Desktop |
Docker Desktop 4.3.0 has Incorrect Access Control.
| 6.6 |
|2022-03-25||CVE-2022-26659|| Link Following vulnerability in Docker Desktop |
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by creating a symlink in place of where the installer writes its log file.
| 3.6 |
|2022-02-19||CVE-2022-25365|| Unspecified vulnerability in Docker |
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files.
| 4.6 |
|2022-02-01||CVE-2022-23774|| Unspecified vulnerability in Docker Desktop |
Docker Desktop before 4.4.4 on Windows allows attackers to move arbitrary files.
| 5.0 |
|2022-01-12||CVE-2021-45449|| Information Exposure Through Log Files vulnerability in Docker Desktop 4.3.0/4.3.1 |
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login.
| 2.1 |
|2021-10-04||CVE-2021-41092|| Information Exposure vulnerability in multiple products |
Docker CLI is the command line interface for the docker container runtime.
| 5.0 |
|2021-02-02||CVE-2021-21285|| Resource Exhaustion vulnerability in multiple products |
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon.
| 4.3 |
|2021-02-02||CVE-2021-21284|| Path Traversal vulnerability in multiple products |
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root.
| 2.7 |
|2021-01-15||CVE-2021-3162|| Improper Privilege Management vulnerability in Docker |
Docker Desktop Community before 126.96.36.199 on macOS mishandles certificate checking, leading to local privilege escalation.
| 4.6 |
|2020-12-30||CVE-2020-27534|| Path Traversal vulnerability in Docker |
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
| 5.0 |