Vulnerabilities > Docker
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-12 | CVE-2021-45449 | Information Exposure Through Log Files vulnerability in Docker Desktop 4.3.0/4.3.1 Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login. | 2.1 |
| 2021-10-04 | CVE-2021-41092 | Information Exposure vulnerability in multiple products Docker CLI is the command line interface for the docker container runtime. | 7.5 |
| 2021-08-12 | CVE-2021-37841 | Incorrect Permission Assignment for Critical Resource vulnerability in Docker Desktop Docker Desktop before 3.6.0 suffers from incorrect access control. | 4.6 |
| 2021-02-02 | CVE-2021-21285 | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. | 6.5 |
| 2021-02-02 | CVE-2021-21284 | Path Traversal vulnerability in multiple products In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. | 2.7 |
| 2021-01-15 | CVE-2021-3162 | Improper Certificate Validation vulnerability in Docker Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation. | 4.6 |
| 2020-12-30 | CVE-2020-27534 | Path Traversal vulnerability in Docker util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call. | 5.0 |
| 2020-12-17 | CVE-2020-35197 | Missing Authentication for Critical Function vulnerability in Docker Memcached Docker Image The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. | 10.0 |
| 2020-12-17 | CVE-2020-35196 | Missing Authentication for Critical Function vulnerability in Docker Rabbitmq Docker Image The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. | 10.0 |
| 2020-12-17 | CVE-2020-35195 | Missing Authentication for Critical Function vulnerability in Docker Haproxy Docker Image The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. | 10.0 |