Vulnerabilities > Docker > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-03-18 CVE-2020-10665 Link Following vulnerability in Docker Desktop
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes.
local
low complexity
docker CWE-59
6.7
2020-02-07 CVE-2014-5278 Unspecified vulnerability in Docker
A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.
network
low complexity
docker
5.3
2019-12-17 CVE-2014-8178 Improper Input Validation vulnerability in multiple products
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.
local
low complexity
docker opensuse CWE-20
5.5
2019-07-29 CVE-2019-1020014 Double Free vulnerability in multiple products
docker-credential-helpers before 0.6.3 has a double free in the List functions.
local
low complexity
docker fedoraproject canonical CWE-415
5.5
2019-01-12 CVE-2018-20699 Resource Exhaustion vulnerability in multiple products
Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mems or --cpuset-cpus value, related to daemon/daemon_unix.go, pkg/parsers/parsers.go, and pkg/sysinfo/sysinfo.go.
network
low complexity
docker redhat CWE-400
4.9
2018-07-06 CVE-2018-10892 The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames.
network
low complexity
docker mobyproject redhat opensuse
5.3
2017-11-01 CVE-2017-14992 Improper Input Validation vulnerability in Docker
Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing.
network
low complexity
docker CWE-20
6.5
2017-01-31 CVE-2016-9962 Race Condition vulnerability in Docker
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container.
local
high complexity
docker CWE-362
6.4
2017-01-04 CVE-2016-6595 Resource Management Errors vulnerability in Docker 1.12.0
The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins) via a long sequence of join and quit actions.
network
low complexity
docker CWE-399
6.5