Vulnerabilities > Docker

DATE CVE VULNERABILITY TITLE RISK
2020-12-17 CVE-2020-35185 Missing Authentication for Critical Function vulnerability in Docker Ghost Alpine Docker Image
The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-15 CVE-2020-35467 Missing Authentication for Critical Function vulnerability in Docker Docs
The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user.
network
low complexity
docker CWE-306
critical
10.0
2020-12-11 CVE-2020-29591 Weak Password Requirements vulnerability in Docker Registry
Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user.
network
low complexity
docker CWE-521
critical
10.0
2020-12-08 CVE-2020-29601 Unspecified vulnerability in Docker Notary Docker Image
The official notary docker images before signer-0.6.1-1 contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-08 CVE-2020-29581 Unspecified vulnerability in Docker Spiped Alpine Docker Image
The official spiped docker images before 1.5-alpine contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-08 CVE-2020-29580 Unspecified vulnerability in Docker Storm Docker Image
The official storm Docker images before 1.2.1 contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-08 CVE-2020-29575 Unspecified vulnerability in Docker Elixir Alpine Docker Image
The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user.
network
low complexity
docker
critical
10.0
2020-12-02 CVE-2020-29389 Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image
The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.
network
low complexity
docker CWE-306
critical
10.0
2020-07-13 CVE-2020-14300 Improper Check for Dropped Privileges vulnerability in multiple products
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes.
local
low complexity
redhat docker CWE-273
8.8
2020-07-13 CVE-2020-14298 Improper Check for Dropped Privileges vulnerability in multiple products
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304.
local
low complexity
redhat docker CWE-273
8.8