Vulnerabilities > Docker
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-08 | CVE-2020-29575 | Unspecified vulnerability in Docker Elixir Alpine Docker Image The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
| 2020-12-02 | CVE-2020-29389 | Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. | 9.8 |
| 2020-07-13 | CVE-2020-14300 | Improper Check for Dropped Privileges vulnerability in multiple products The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. | 8.8 |
| 2020-07-13 | CVE-2020-14298 | Improper Check for Dropped Privileges vulnerability in multiple products The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. | 8.8 |
| 2020-06-27 | CVE-2020-15360 | Missing Authorization vulnerability in Docker Desktop 2.3.0.3 com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification. | 7.8 |
| 2020-06-05 | CVE-2020-11492 | Race Condition vulnerability in Docker Desktop An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. | 7.8 |
| 2020-06-02 | CVE-2020-13401 | Improper Input Validation vulnerability in multiple products An issue was discovered in Docker Engine before 19.03.11. | 6.0 |
| 2020-03-18 | CVE-2020-10665 | Link Following vulnerability in Docker Desktop Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. | 6.7 |
| 2020-02-07 | CVE-2014-5278 | Unspecified vulnerability in Docker A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs. | 5.3 |
| 2020-01-02 | CVE-2014-0048 | Improper Input Validation vulnerability in multiple products An issue was found in Docker before 1.6.0. | 9.8 |