Search CVE reports
11 – 20 of 54 results
CVE-2021-41190
Low prioritySome fixes available 9 of 18
The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to...
3 affected packages
containerd, docker-registry, docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
containerd | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
docker-registry | Not affected | Not affected | Not affected | Not affected | Not affected |
docker.io | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
CVE-2021-41092
Medium prioritySome fixes available 10 of 11
Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Fixed | Fixed | Fixed | Fixed | Vulnerable |
CVE-2021-41091
Medium prioritySome fixes available 5 of 6
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories with insufficiently...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | Fixed | Fixed | Fixed | Not affected |
CVE-2021-41089
Medium priorityMoby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where attempting to copy files using `docker cp` into a specially-crafted container can result in Unix...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | Fixed | Fixed | Fixed | Fixed |
CVE-2021-21285
Medium prioritySome fixes available 3 of 5
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Not affected | Not affected | Fixed | Fixed | Vulnerable |
CVE-2021-21284
Medium prioritySome fixes available 3 of 5
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | Not affected | Not affected | Fixed | Fixed | Vulnerable |
CVE-2020-27534
Medium priorityutil/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | — | Not affected | Not affected | Not affected |
CVE-2020-15157
Medium priorityIn containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for...
2 affected packages
containerd, docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
containerd | — | — | Not affected | Not affected | Fixed |
docker.io | — | — | Fixed | Fixed | Fixed |
CVE-2020-14300
Low priorityThe docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | — | Not affected | Not affected | Not affected |
CVE-2020-14298
Low priorityThe version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | — | Not affected | Not affected | Not affected |