Vulnerabilities > Docker

DATE CVE VULNERABILITY TITLE RISK
2020-12-08 CVE-2020-29581 Unspecified vulnerability in Docker Spiped Alpine Docker Image
The official spiped docker images before 1.5-alpine contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-08 CVE-2020-29580 Unspecified vulnerability in Docker Storm Docker Image
The official storm Docker images before 1.2.1 contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-08 CVE-2020-29575 Unspecified vulnerability in Docker Elixir Alpine Docker Image
The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-02 CVE-2020-29389 Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image
The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-07-13 CVE-2020-14300 Improper Check for Dropped Privileges vulnerability in multiple products
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2016-9962, which was previously fixed via RHSA-2017:0116.
local
low complexity
redhat docker CWE-273
8.8
2020-07-13 CVE-2020-14298 Improper Check for Dropped Privileges vulnerability in multiple products
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304.
local
low complexity
redhat docker CWE-273
8.8
2020-06-27 CVE-2020-15360 Missing Authorization vulnerability in Docker Desktop 2.3.0.3
com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.
local
low complexity
docker CWE-862
4.6
2020-06-05 CVE-2020-11492 Race Condition vulnerability in Docker Desktop
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows.
local
low complexity
docker CWE-362
7.2
2020-06-02 CVE-2020-13401 Improper Input Validation vulnerability in Docker Engine
An issue was discovered in Docker Engine before 19.03.11.
network
docker CWE-20
6.0
2020-03-18 CVE-2020-10665 Link Following vulnerability in Docker Desktop
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes.
local
low complexity
docker CWE-59
7.2