Vulnerabilities > Docker > Low

DATE CVE VULNERABILITY TITLE RISK
2022-01-12 CVE-2021-45449 Information Exposure Through Log Files vulnerability in Docker Desktop 4.3.0/4.3.1
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machine during login.
local
low complexity
docker CWE-532
2.1
2021-02-02 CVE-2021-21284 Path Traversal vulnerability in multiple products
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root.
low complexity
docker debian netapp CWE-22
2.7
2016-06-01 CVE-2016-3697 Permissions, Privileges, and Access Controls vulnerability in multiple products
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.
local
low complexity
docker linuxfoundation opensuse CWE-264
2.1