Vulnerabilities > Docker > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-15 | CVE-2020-35467 | Missing Authentication for Critical Function vulnerability in Docker Docs 20201214 The Docker Docs Docker image through 2020-12-14 contains a blank password for the root user. | 9.8 |
| 2020-12-11 | CVE-2020-29591 | Weak Password Requirements vulnerability in Docker Registry Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. | 9.8 |
| 2020-12-08 | CVE-2020-29601 | Unspecified vulnerability in Docker Notary Docker Image The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. | 9.8 |
| 2020-12-08 | CVE-2020-29581 | Unspecified vulnerability in Docker Spiped Alpine Docker Image The official spiped docker images before 1.5-alpine contain a blank password for a root user. | 9.8 |
| 2020-12-08 | CVE-2020-29580 | Unspecified vulnerability in Docker Storm Docker Image The official storm Docker images before 1.2.1 contain a blank password for a root user. | 9.8 |
| 2020-12-08 | CVE-2020-29575 | Unspecified vulnerability in Docker Elixir Alpine Docker Image The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. | 9.8 |
| 2020-12-02 | CVE-2020-29389 | Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. | 9.8 |
| 2020-01-02 | CVE-2014-0048 | Improper Input Validation vulnerability in multiple products An issue was found in Docker before 1.6.0. | 9.8 |
| 2019-07-29 | CVE-2019-14271 | Improper Initialization vulnerability in multiple products In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. | 9.8 |
| 2018-03-31 | CVE-2015-9259 | Unrestricted Upload of File with Dangerous Type vulnerability in Docker Notary In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. | 9.8 |