Package impact
Go / github.com/amir20/dozzle
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-44985 | critical | 9.6 | 9.6 | 3d ago | Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, he WebSocket upgrader for the /exec and /attach endpoints uses CheckOrigin: func(r *http.Request) bool { return true }, accepti… | |||
| CVE-2026-45298 | high | 8.6 | 8.6 | 3d ago | Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is re… | |||
| CVE-2026-24740 | unknown | — | — | 4mo ago | Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access in github.com/amir20/dozzle | |||
| CVE-2024-47182 | unknown | — | — | 2y ago | Dozzle uses unsafe hash for passwords in github.com/amir20/dozzle |