Product: docker
75 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2025-15558
<= 29.1.5
Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by defau
8.0
HIGH
CVE-2026-2664
< 4.62.0
An out of bounds read vulnerability in the grpcfuse kernel module present in the Linux VM in Docker Desktop for Windows, Linux and
7.8
HIGH
CVE-2025-13743
>= 4.51.0 and < 4.54.0
Docker Desktop diagnostics bundles were found to include expired Hub PATs in log output due to error object serialization. This po
7.5
HIGH
CVE-2025-3224
< 4.41.0
A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged
7.8
HIGH
CVE-2024-8696
< 4.34.2
A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious ext
9.8
CRITICAL
CVE-2024-8695
< 4.34.2
A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension i
9.8
CRITICAL
CVE-2024-6222
< 4.29.0
In Docker Desktop before v4.29.0, an attacker who has gained access to the Docker Desktop VM through a container breakout can furt
7.0
HIGH
CVE-2024-5652
< 4.31.0
In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through
6.1
MEDIUM
CVE-2024-2216
<= 2.11
A missing permission check in an HTTP endpoint in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers with Overall/
8.8
HIGH
CVE-2024-2215
<= 2.11
A cross-site request forgery (CSRF) vulnerability in Jenkins docker-build-step Plugin 2.11 and earlier allows attackers to connect
6.1
MEDIUM
CVE-2023-5166
< 4.23.0
Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL. This issue affects Docker Desktop: befor
8.0
HIGH
CVE-2023-5165
>= 4.13.0 and < 4.23.0
Docker Desktop before 4.23.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions via the debug s
7.1
HIGH
CVE-2023-0633
< 4.12.0
In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local privilege escalation (LPE). This
7.2
HIGH
CVE-2023-0627
>= 4.11.0 and < 4.12.0
Docker Desktop 4.11.x allows --no-windows-containers flag bypass via IPC response spoofing which may lead to Local Privilege Escal
6.7
MEDIUM
CVE-2023-0626
< 4.12.0
Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route. This issue affects Docker Desktop: b
8.0
HIGH
CVE-2023-0625
< 4.12.0
Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog. This issue affects Docker Des
8.0
HIGH
CVE-2022-38730
< 4.6.0
Docker Desktop for Windows before 4.6 allows attackers to overwrite any file through the windowscontainers/start dockerBackendV2 A
6.3
MEDIUM
CVE-2022-37326
< 4.6.0
Docker Desktop for Windows before 4.6.0 allows attackers to delete (or create) any file through the dockerBackendV2 windowscontain
7.8
HIGH
CVE-2022-34292
< 4.6.0
Docker Desktop for Windows before 4.6.0 allows attackers to overwrite any file through a symlink attack on the hyperv/create docke
7.1
HIGH
CVE-2022-31647
< 4.6.0
Docker Desktop before 4.6.0 on Windows allows attackers to delete any file through the hyperv/destroy dockerBackendV2 API via a sy
7.1
HIGH
CVE-2023-1802
all versions
In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS healt
5.9
MEDIUM
CVE-2023-0629
>= 4.13.0 and < 4.17.0
Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation (ECI) restrictions by setting the
7.1
HIGH
CVE-2023-0628
< 4.17.0
Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initial
6.1
MEDIUM
CVE-2021-44719
< 4.5.0
Docker Desktop 4.3.0 has Incorrect Access Control.
8.4
HIGH
CVE-2022-26659
< 4.6.0
Docker Desktop installer on Windows in versions before 4.6.0 allows an attacker to overwrite any administrator writable files by c
7.1
HIGH
CVE-2022-25365
< 4.5.1
Docker Desktop before 4.5.1 on Windows allows attackers to move arbitrary files. NOTE: this issue exists because of an incomplete
7.8
HIGH
CVE-2022-23774
< 4.4.4
Docker Desktop before 4.4.4 on Windows allows attackers to move arbitrary files.
5.3
MEDIUM
CVE-2021-45449
all versions
Docker Desktop version 4.3.0 and 4.3.1 has a bug that may log sensitive information (access token or password) on the user's machi
5.5
MEDIUM
CVE-2021-41092
< 20.10.9
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker
5.4
MEDIUM
CVE-2021-37841
< 3.6.0
Docker Desktop before 3.6.0 suffers from incorrect access control. If a low-privileged account is able to access the server runnin
7.8
HIGH
CVE-2021-21285
< 19.03.15
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manif
6.5
MEDIUM
CVE-2021-21284
< 19.03.15
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remappe
6.8
MEDIUM
CVE-2021-3162
< 2.5.0.0
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
7.8
HIGH
CVE-2020-27534
< 19.03.9
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check tempor
5.3
MEDIUM
CVE-2020-14300
all versions
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053
8.8
HIGH
CVE-2020-14298
all versions
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version
8.8
HIGH
CVE-2020-15360
all versions
com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.
7.8
HIGH
CVE-2020-11492
<= 2.2.0.5
An issue was discovered in Docker Desktop through 2.2.0.5 on Windows. If a local attacker sets up their own named pipe prior to st
7.8
HIGH
CVE-2020-13401
< 19.03.11
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft I
6.0
MEDIUM
CVE-2020-10665
< 2.2.2.0
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with A
6.7
MEDIUM
CVE-2014-5278
< 1.2.0
A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.
5.3
MEDIUM
CVE-2014-0048
< 1.5.0
An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used i
9.8
CRITICAL
CVE-2014-8179
< 1.8.3
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from i
7.5
HIGH
CVE-2014-8178
< 1.8.3
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, wh
5.5
MEDIUM
CVE-2014-9356
< 1.3.3
Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container pro
8.6
HIGH
CVE-2019-16884
<= 19.03.2
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcon
7.5
HIGH
CVE-2019-15752
< 2.1.0.1
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-
7.8
HIGH
CVE-2019-13139
< 18.09.4
In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command wo
8.4
HIGH
CVE-2019-14271
>= 19.03 and < 19.03.1
In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility
9.8
CRITICAL
CVE-2019-13509
< 18.09.8
In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in deb
7.5
HIGH
CVE-2019-10342
<= 1.1.6
A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users wi
4.3
MEDIUM
CVE-2019-10341
<= 1.1.6
A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users w
6.5
MEDIUM
CVE-2019-10340
<= 1.1.6
A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection
8.8
HIGH
CVE-2018-15664
all versions
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack wit
7.5
HIGH
CVE-2019-5736
< 18.09.2
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and
8.6
HIGH
CVE-2018-20699
< 18.09
Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --c
4.9
MEDIUM
CVE-2018-15514
all versions
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requ
8.8
HIGH
CVE-2018-10892
>= 1.11 and <= 18.03.1
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The
5.3
MEDIUM
CVE-2014-5282
< 1.3
Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loa
8.1
HIGH
CVE-2017-14992
<= 1.10.3
Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.0
6.5
MEDIUM
CVE-2014-0047
<= 1.4.1
Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.
7.8
HIGH
CVE-2016-9962
>= 1.11.0 and < 1.12.6
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main pro
6.4
MEDIUM
CVE-2016-6595
all versions
The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service (prevention of cluster joins
6.5
MEDIUM
CVE-2016-8867
all versions
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass
7.5
HIGH
CVE-2016-3697
<= 1.11.1
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential us
7.8
HIGH
CVE-2015-3631
<= 1.6
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image tha
CVE-2015-3630
<= 1.6
Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /pr
CVE-2015-3629
all versions
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write
7.8
HIGH
CVE-2015-3627
<= 1.6
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, wh
CVE-2014-9358
<= 1.3.2
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoo
CVE-2014-9357
all versions
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dock
CVE-2014-6408
all versions
Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the c
CVE-2014-6407
<= 1.3.1
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard l
CVE-2014-5277
<= 0.5.3
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man
CVE-2014-3499
all versions
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privile
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin