pkg:Debian/docker.io

共 53 筆 CVECRITICAL5HIGH16MEDIUM28LOW2

✅ 檢查你的版本

所有已知漏洞

CRITICAL9.9CVE-2024-41110docker.io - security update
from 0, < 20.10.5+dfsg1-1+deb11u3
CRITICAL9.9CVE-2024-41110docker.io - security update
from 0, < 20.10.5+dfsg1-1+deb11u3
CRITICAL9.8CVE-2019-14271Moby Docker cp broken with debian containers in github.com/docker/docker
from 0, < 18.09.1+dfsg1-9
CRITICAL9.8CVE-2014-9357Arbitrary Code Execution
from 0, < 1.3.3~dfsg1-1
CRITICAL9.8CVE-2014-0048An issue was found in Docker before 1.6.0.
from 0, < 1.6.0+dfsg1-1
HIGH8.8CVE-2026-34040Moby has AuthZ plugin bypass when provided oversized request bodies
from 0
HIGH8.4CVE-2026-33747BuildKit's Malicious frontend can cause file escape outside of storage root
from 0
HIGH8.4CVE-2015-3629Arbitrary File Write in Libcontainer
from 0, < 1.6.1+dfsg1-1
HIGH8.4CVE-2015-3630Information Exposure in Docker Engine
from 0, < 1.6.1+dfsg1-1
HIGH8.4CVE-2019-13139docker.io - security update
from 0, < 18.09.1+dfsg1-7.1+deb10u1
HIGH8.4CVE-2019-13139docker.io - security update
from 0, < 18.09.1+dfsg1-8
HIGH8.1CVE-2024-36623Moby Race Condition vulnerability
from 0
HIGH8.1CVE-2014-5282Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of u…
from 0, < 1.3.0~dfsg1-1
HIGH7.8CVE-2014-0047Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.
from 0, < 1.6.0+dfsg1-1
HIGH7.5CVE-2026-33748BuildKit Git URL subdir component can cause access to restricted files
from 0
HIGH7.5CVE-2018-12608Docker Authentication Bypass
from 0, < 18.03.1+dfsg1-2
HIGH7.5CVE-2023-28840Docker Swarm encrypted overlay network may be unauthenticated
from 0
HIGH7.5CVE-2019-13509Secret insertion into debug log in Docker
from 0, < 18.09.1+dfsg1-8
HIGH7.5CVE-2014-8179Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON r…
from 0, < 1.8.3~ds1-1
HIGH7.5CVE-2018-15664In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directo…
from 0, < 18.09.1+dfsg1-7.1
HIGH7.3CVE-2014-6407Arbitrary Code Execution in Docker
from 0, < 1.3.2~dfsg1-1
MEDIUM6.9CVE-2024-24557Classic builder cache poisoning in github.com/docker/docker
from 0
MEDIUM6.8CVE-2026-33997Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
from 0
MEDIUM6.8CVE-2021-21284moby Access to remapped root allows privilege escalation to real root
from 0, < 20.10.3+dfsg1-1
MEDIUM6.8CVE-2023-28841Docker Swarm encrypted overlay network traffic may be unencrypted
from 0
MEDIUM6.8CVE-2023-28842Docker Swarm encrypted overlay network with a single endpoint is unauthenticated
from 0
MEDIUM6.5CVE-2024-36621Moby Race Condition vulnerability
from 0
MEDIUM6.5CVE-2021-21285moby docker daemon crash during image pull of malicious image
from 0, < 20.10.3+dfsg1-1
MEDIUM6.5CVE-2017-14992Memory exhaustion in github.com/vbatts/tar-split
from 0, < 18.03.1+dfsg1-2
MEDIUM6.5CVE-2014-9358Directory Traversal in Docker in github.com/docker/docker
from 0, < 1.3.3~dfsg1-1
MEDIUM6.4CVE-2016-9962Information Exposure in RunC in github.com/opencontainers/runc
from 0, < 1.13.1~ds1-2
MEDIUM6.1CVE-2020-15157containerd v1.2.x can be coerced into leaking credentials during image pull
from 0, < 18.09.1+dfsg1-7.1+deb10u3
MEDIUM6.1CVE-2020-15157containerd v1.2.x can be coerced into leaking credentials during image pull
from 0, < 19.03.13+dfsg2-1
MEDIUM6.0CVE-2020-13401docker.io - security update
from 0, < 19.03.11+dfsg1-1
MEDIUM6.0CVE-2020-13401docker.io - security update
from 0, < 18.09.1+dfsg1-7.1+deb10u2
MEDIUM5.9CVE-2024-29018Data exfiltration from internal networks in github.com/docker/docker
from 0
MEDIUM5.9CVE-2021-41091Moby (Docker Engine) Insufficiently restricted permissions on data directory
from 0, < 20.10.5+dfsg1-1+deb11u1
MEDIUM5.9CVE-2017-16539Docker Moby /proc/scsi Path Exposure Allows Host Data Loss (SCSI MICDROP)
from 0, < 1.13.1~ds3-1
MEDIUM5.9CVE-2014-9356Path Traversal in Docker in github.com/docker/docker
from 0, < 1.3.3~dfsg1-1
MEDIUM5.5CVE-2014-8178Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes…
from 0, < 1.8.3~ds1-1
MEDIUM5.4CVE-2021-41092Docker CLI leaks private registry credentials to registry-1.docker.io
from 0, < 20.10.5+dfsg1-1+deb11u1
MEDIUM5.3CVE-2022-36109Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
from 0
MEDIUM5.3CVE-2014-5278A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.
from 0, < 1.2.0~dfsg1-1
MEDIUM5.3CVE-2018-10892The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames.
from 0, < 18.06.1+dfsg1-1
MEDIUM5.3CVE-2014-5277Man-in-the-Middle (MitM)
from 0, < 1.3.1~dfsg1-1
MEDIUM5.2CVE-2020-15257containerd-shim API Exposed to Host Network Containers
from 0, < 20.10.0~rc1+dfsg2-1
MEDIUM5.1CVE-2015-3631Arbitrary File Override in Docker Engine in github.com/docker/docker
from 0, < 1.6.1+dfsg1-1
MEDIUM4.9CVE-2018-20699Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mem…
from 0, < 18.09.1+dfsg1-2
MEDIUM4.7CVE-2024-32473IPv6 enabled on IPv4-only network interfaces in github.com/docker/docker
from 0
LOW3.3CVE-2025-54410Moby firewalld reload removes bridge network isolation
from 0
LOW2.8CVE-2021-41089Unexpected chmod of host files via 'docker cp' in Moby Docker Engine in github.com/docker/docker
from 0, < 20.10.5+dfsg1-1+deb11u1
—CVE-2014-6408Access Restriction Bypass in Docker
from 0, < 1.3.2~dfsg1-1
—CVE-2015-3627Symlink Attack in Libcontainer and Docker Engine
from 0, < 1.6.1+dfsg1-1