Package impact

Go / github.com/docker/docker

critical high medium low unknown

0

KEV Has exploit

CVE	Severity	CVSS	Risk	Published	Description	Impact
CVE-2014-9357	critical	—	10.0	12y ago	Arbitrary Code Execution in github.com/docker/docker
CVE-2026-42306	high	—	8.0	9d ago	Docker: Race condition in docker cp allows bind mount redirection to host path
CVE-2026-41567	high	—	8.0	9d ago	Docker: `PUT /containers/{id}/archive` executes container binary on the host
CVE-2026-34040	high	—	8.0	2mo ago	Moby has AuthZ plugin bypass when provided oversized request bodies
CVE-2015-3629	high	7.8	7.8	11y ago	Arbitrary File Write in Libcontainer in github.com/docker/docker
CVE-2014-6407	high	—	7.5	12y ago	Arbitrary Code Execution in Docker in github.com/docker/docker
CVE-2015-3630	high	—	7.2	11y ago	Information Exposure in Docker Engine in github.com/docker/docker
CVE-2015-3627	high	—	7.2	11y ago	Symlink Attack in Libcontainer and Docker Engine in github.com/docker/docker
CVE-2014-3499	high	—	7.2	12y ago	Privilege Escalation in Docker in github.com/docker/docker
CVE-2014-9358	medium	—	6.4	12y ago	Directory Traversal in Docker in github.com/docker/docker
CVE-2026-41568	medium	—	5.5	9d ago	Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap
CVE-2021-41089	medium	—	5.5	2y ago	Unexpected chmod of host files via 'docker cp' in Moby Docker Engine in github.com/docker/docker
CVE-2021-41091	medium	—	5.5	2y ago	Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/docker
CVE-2014-6408	medium	—	5.0	12y ago	Access Restriction Bypass in Docker in github.com/docker/docker
CVE-2014-5277	medium	—	5.0	12y ago	Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain auth…
CVE-2015-3631	low	—	3.6	11y ago	Arbitrary File Override in Docker Engine in github.com/docker/docker
CVE-2026-33997	unknown	—	—	2mo ago	Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
CVE-2025-54410	unknown	—	—	10mo ago	Moby firewalld reload removes bridge network isolation in github.com/docker/docker
CVE-2025-54388	unknown	—	—	10mo ago	Moby firewalld reload makes published container ports accessible from remote hosts in github.com/docker/docker
CVE-2024-41110	unknown	—	—	2y ago	Moby authz zero length regression in github.com/moby/moby
CVE-2022-24769	unknown	—	—	2y ago	Moby (Docker Engine) started with non-empty inheritable Linux process capabilities in github.com/docker/docker
CVE-2024-32473	unknown	—	—	2y ago	IPv6 enabled on IPv4-only network interfaces in github.com/docker/docker
CVE-2024-29018	unknown	—	—	2y ago	Data exfiltration from internal networks in github.com/docker/docker
CVE-2024-24557	unknown	—	—	2y ago	Classic builder cache poisoning in github.com/docker/docker
CVE-2018-12608	unknown	—	—	2y ago	Docker Authentication Bypass
CVE-2020-27534	unknown	—	—	2y ago	Path Traversal in Moby builder
CVE-2023-28840	unknown	—	—	3y ago	Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker
CVE-2023-28841	unknown	—	—	3y ago	Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker
CVE-2023-28842	unknown	—	—	3y ago	Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker
CVE-2022-36109	unknown	—	—	4y ago	Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
CVE-2019-14271	unknown	—	—	4y ago	Moby Docker cp broken with debian containers in github.com/docker/docker
CVE-2019-13509	unknown	—	—	4y ago	Secret insertion into debug log in Docker
CVE-2014-9356	unknown	—	—	5y ago	Path Traversal in Docker in github.com/docker/docker