github.com/docker/docker vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2026-42306Highgithub.com/docker/docker: Docker: Race condition in docker cp allows bind mount redirection to host pathCVE-2026-41568Mediumgithub.com/docker/docker: Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via…CVE-2026-41567Highgithub.com/moby/moby/v2: Docker: `PUT /containers/{id}/archive` executes container binary on the hostCVE-2026-34040Highgithub.com/moby/moby: Moby has AuthZ plugin bypass when provided oversized request bodiesCVE-2026-33997Mediumgithub.com/docker/docker: Moby has an Off-by-one error in its plugin privilege validationCVE-2025-54410Lowgithub.com/docker/docker: Moby firewalld reload removes bridge network isolationCVE-2025-54388Mediumgithub.com/docker/docker: Moby firewalld reload makes published container ports accessible from remote hosts CVE-2024-41110Criticalgithub.com/docker/docker: Authz zero length regressionGHSA-XMMX-7JPF-FX42Mediumgithub.com/docker/docker: Moby (Docker Engine) is vulnerable to Ambiguous OCI manifest parsingCVE-2021-41089Lowgithub.com/docker/docker: `docker cp` allows unexpected chmod of host files in Moby Docker EngineCVE-2022-24769Mediumgithub.com/moby/moby: Moby (Docker Engine) started with non-empty inheritable Linux process capabilitiesCVE-2024-32473Mediumgithub.com/docker/docker: IPv6 enabled on IPv4-only network interfacesCVE-2024-29018Mediumgithub.com/docker/docker: Moby's external DNS requests from 'internal' networks could lead to data exfiltrationCVE-2024-24557Mediumgithub.com/docker/docker: Classic builder cache poisoningCVE-2021-41091Mediumgithub.com/moby/moby: Moby (Docker Engine) Insufficiently restricted permissions on data directoryCVE-2018-12608Highgithub.com/docker/docker: Docker Authentication BypassCVE-2020-27534Mediumgithub.com/moby/moby: Path Traversal in Moby builderGHSA-JQ35-85CJ-FJ4PMediumgithub.com/docker/docker: /sys/devices/virtual/powercap accessible by default to containersCVE-2023-28840Highgithub.com/docker/docker: Docker Swarm encrypted overlay network may be unauthenticatedCVE-2023-28841Mediumgithub.com/docker/docker: Docker Swarm encrypted overlay network traffic may be unencryptedCVE-2023-28842Mediumgithub.com/docker/docker: Docker Swarm encrypted overlay network with a single endpoint is unauthenticatedGHSA-VP35-85Q5-9F25Lowgithub.com/docker/docker: Container build can leak any path on the host into the containerCVE-2022-36109Mediumgithub.com/docker/docker: Docker supplementary group permissions not set up properly, allowing attackers to bypass primary…CVE-2019-14271Criticalgithub.com/docker/docker: Moby Docker cp broken with debian containersCVE-2019-13509Highgithub.com/docker/docker: Secret insertion into debug log in Docker

Stop the waste.
Protect your environment with Kodem.