pkg:Go/github.com/docker/docker

61 total CVEsCRITICAL6HIGH16MEDIUM30LOW5

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.9CVE-2024-41110docker.io - security update
    >= 20.10.0+incompatible, < 25.0.6+incompatible, >= 26.0.0+incompatible, < 26.1.5+incompatible, >= 27.0.0+incompatible, < 27.1.1+incompatible
  • CRITICAL9.9CVE-2024-41110docker.io - security update
    >= 19.03.0, < 23.0.15
  • CRITICAL9.8CVE-2019-14271Moby Docker cp broken with debian containers in github.com/docker/docker
    >= 19.03.0, < 19.03.1
  • CRITICAL9.8CVE-2019-14271Moby Docker cp broken with debian containers in github.com/docker/docker
    from 0, < 20.10.0-beta1+incompatible
  • CRITICAL9.8CVE-2014-9357Arbitrary Code Execution in github.com/docker/docker
    from 0, < 1.3.3
  • CRITICAL9.8CVE-2014-9357Arbitrary Code Execution in github.com/docker/docker
    from 0, < 1.3.3
  • HIGH8.8CVE-2026-34040Moby has AuthZ plugin bypass when provided oversized request bodies
    from 0
  • HIGH8.8CVE-2026-34040Moby has AuthZ plugin bypass when provided oversized request bodies
    from 0, < 29.3.1
  • HIGH8.4CVE-2015-3630Information Exposure in Docker Engine in github.com/docker/docker
    >= 1.6.0, < 1.6.1
  • HIGH8.4CVE-2015-3629Arbitrary File Write in Libcontainer in github.com/docker/docker
    >= 1.6.0, < 1.6.1
  • HIGH8.4CVE-2015-3630Information Exposure in Docker Engine in github.com/docker/docker
    >= 1.6.0, < 1.6.1
  • HIGH8.4CVE-2015-3629Arbitrary File Write in Libcontainer in github.com/docker/docker
    >= 1.6.0, < 1.6.1
  • HIGH8.4CVE-2014-3499Privilege Escalation in Docker in github.com/docker/docker
    from 0, < 1.0.1
  • HIGH8.4CVE-2014-3499Privilege Escalation in Docker in github.com/docker/docker
    from 0, < 1.0.1
  • HIGH7.5CVE-2018-12608Docker Authentication Bypass
    from 0, < 17.06.0-ce
  • HIGH7.5CVE-2023-28840Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker
    >= 1.12.0, < 20.10.24+incompatible, >= 23.0.0+incompatible, < 23.0.3+incompatible
  • HIGH7.5CVE-2023-28840Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker
    >= 1.12.0, < 20.10.24
  • HIGH7.5CVE-2019-13509Secret insertion into debug log in Docker
    from 0, < 18.09.8
  • HIGH7.3CVE-2014-6407Arbitrary Code Execution in Docker in github.com/docker/docker
    from 0, < 1.3.2
  • HIGH7.3CVE-2014-6407Arbitrary Code Execution in Docker in github.com/docker/docker
    from 0, < 1.3.2
  • HIGH7.2CVE-2026-42306Docker: Race condition in docker cp allows bind mount redirection to host path
    from 0, <= 28.5.2
  • HIGH7.2CVE-2026-41567Docker: `PUT /containers/{id}/archive` executes container binary on the host
    from 0, <= 28.5.2
  • MEDIUM6.9CVE-2024-24557Classic builder cache poisoning in github.com/docker/docker
    from 0, < 24.0.9
  • MEDIUM6.9CVE-2024-24557Classic builder cache poisoning in github.com/docker/docker
    from 0, < 24.0.9+incompatible, >= 25.0.0+incompatible, < 25.0.2+incompatible
  • MEDIUM6.8CVE-2026-33997Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
    from 0
  • MEDIUM6.8CVE-2026-33997Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
    from 0
  • MEDIUM6.8CVE-2023-28841Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker
    >= 1.12.0, < 20.10.24+incompatible, >= 23.0.0+incompatible, < 23.0.3+incompatible
  • MEDIUM6.8CVE-2023-28841Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker
    >= 1.12.0, < 20.10.24
  • MEDIUM6.8CVE-2023-28842Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker
    >= 1.12.0, < 20.10.24
  • MEDIUM6.8CVE-2023-28842Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker
    >= 1.12.0, < 20.10.24+incompatible, >= 23.0.0+incompatible, < 23.0.3+incompatible
  • MEDIUM6.5CVE-2014-9358Directory Traversal in Docker in github.com/docker/docker
    from 0, < 1.3.2
  • MEDIUM6.5CVE-2014-9358Directory Traversal in Docker in github.com/docker/docker
    from 0, < 1.3.2
  • MEDIUM6.1CVE-2026-41568Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
    from 0, <= 28.5.2
  • MEDIUM5.9CVE-2022-24769containerd - security update
    from 0, < 20.10.14+incompatible
  • MEDIUM5.9CVE-2022-24769containerd - security update
    from 0, < 20.10.14
  • MEDIUM5.9CVE-2024-29018Data exfiltration from internal networks in github.com/docker/docker
    >= 26.0.0-rc1, < 26.0.0-rc3
  • MEDIUM5.9CVE-2024-29018Data exfiltration from internal networks in github.com/docker/docker
    >= 25.0.0+incompatible, < 25.0.5+incompatible, >= 26.0.0-rc1+incompatible, < 26.0.0-rc3+incompatible
  • MEDIUM5.9CVE-2021-41091Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
    from 0, < 20.10.9+incompatible
  • MEDIUM5.9CVE-2021-41091Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
    from 0, < 20.10.9
  • MEDIUM5.9CVE-2014-9356Path Traversal in Docker in github.com/docker/docker
    from 0, < 1.3.3
  • MEDIUM5.9CVE-2014-9356Path Traversal in Docker in github.com/docker/docker
    from 0, < 1.3.3
  • MEDIUM5.3CVE-2020-27534Path Traversal in Moby builder
    from 0, < 19.03.9
  • MEDIUM5.3CVE-2022-36109Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
    from 0, < 20.10.18
  • MEDIUM5.3CVE-2022-36109Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
    from 0, < 20.10.18+incompatible
  • MEDIUM5.3CVE-2014-5277Man-in-the-Middle (MitM) in github.com/docker/docker
    from 0, < 1.3.1
  • MEDIUM5.3CVE-2014-5277Man-in-the-Middle (MitM) in github.com/docker/docker
    from 0, < 1.3.1
  • MEDIUM5.1CVE-2015-3631Arbitrary File Override in Docker Engine in github.com/docker/docker
    from 0, < 1.6.1
  • MEDIUM5.1CVE-2015-3631Arbitrary File Override in Docker Engine in github.com/docker/docker
    from 0, < 1.6.1
  • MEDIUM4.7CVE-2024-32473IPv6 enabled on IPv4-only network interfaces in github.com/docker/docker
    >= 26.0.0, < 26.0.2
  • MEDIUM4.7CVE-2024-32473IPv6 enabled on IPv4-only network interfaces in github.com/docker/docker
    >= 26.0.0+incompatible, < 26.0.2+incompatible
  • MEDIUM4.6CVE-2025-54388Moby firewalld reload makes published container ports accessible from remote hosts in github.com/docker/docker
    >= 28.2.0, < 28.3.3
  • MEDIUM4.6CVE-2025-54388Moby firewalld reload makes published container ports accessible from remote hosts in github.com/docker/docker
    >= 28.2.0+incompatible, < 28.3.3+incompatible
  • LOW3.3CVE-2025-54410Moby firewalld reload removes bridge network isolation in github.com/docker/docker
    from 0, < 25.0.13+incompatible
  • LOW3.3CVE-2025-54410Moby firewalld reload removes bridge network isolation in github.com/docker/docker
    from 0, < 25.0.13
  • LOW3.0CVE-2021-41190Clarify Content-Type handling
    from 0, < 20.10.11+incompatible
  • LOW2.8CVE-2021-41089Unexpected chmod of host files via 'docker cp' in Moby Docker Engine in github.com/docker/docker
    from 0, < 20.10.9
  • LOW2.8CVE-2021-41089Unexpected chmod of host files via 'docker cp' in Moby Docker Engine in github.com/docker/docker
    from 0, < 20.10.9+incompatible
  • CVE-2014-6408Access Restriction Bypass in Docker in github.com/docker/docker
    >= 1.3.0, < 1.3.2
  • CVE-2014-6408Access Restriction Bypass in Docker in github.com/docker/docker
    >= 1.3.0, < 1.3.2
  • CVE-2015-3627Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker
    from 0, < 1.6.1
  • CVE-2015-3627Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker
    from 0, < 1.6.1