Vulnerabilities > Docker > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-12 | CVE-2024-8695 | Unspecified vulnerability in Docker Desktop A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. | 9.8 |
| 2024-09-12 | CVE-2024-8696 | Unspecified vulnerability in Docker Desktop A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. | 9.8 |
| 2023-09-25 | CVE-2023-0625 | Code Injection vulnerability in Docker Desktop Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Desktop: before 4.12.0. | 9.8 |
| 2023-09-25 | CVE-2023-0626 | Code Injection vulnerability in Docker Desktop Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: before 4.12.0. | 9.8 |
| 2020-12-17 | CVE-2020-35197 | Missing Authentication for Critical Function vulnerability in Docker Memcached Docker Image The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
| 2020-12-17 | CVE-2020-35196 | Missing Authentication for Critical Function vulnerability in Docker Rabbitmq Docker Image 3.7.12 The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
| 2020-12-17 | CVE-2020-35195 | Missing Authentication for Critical Function vulnerability in Docker Haproxy Docker Image The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
| 2020-12-17 | CVE-2020-35186 | Missing Authentication for Critical Function vulnerability in Docker Adminer The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user. | 9.8 |
| 2020-12-17 | CVE-2020-35184 | Missing Authentication for Critical Function vulnerability in Docker Composer Docker Image The official composer docker images before 1.8.3 contain a blank password for a root user. | 9.8 |
| 2020-12-17 | CVE-2020-35185 | Missing Authentication for Critical Function vulnerability in Docker Ghost Alpine Docker Image The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |