pkg:Debian/docker.io
53 total CVEsCRITICAL5HIGH16MEDIUM28LOW2
✅ Check your installed version
All known vulnerabilities
- from 0, < 20.10.5+dfsg1-1+deb11u3
- from 0, < 20.10.5+dfsg1-1+deb11u3
- from 0, < 18.09.1+dfsg1-9
- from 0, < 1.3.3~dfsg1-1
- from 0, < 1.6.0+dfsg1-1
- from 0
- HIGH8.4CVE-2026-33747BuildKit's Malicious frontend can cause file escape outside of storage root in github.com/moby/buildkitfrom 0
- from 0, < 1.6.1+dfsg1-1
- from 0, < 1.6.1+dfsg1-1
- from 0, < 18.09.1+dfsg1-7.1+deb10u1
- from 0, < 18.09.1+dfsg1-8
- from 0
- HIGH8.1CVE-2014-5282Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of u…from 0, < 1.3.0~dfsg1-1
- HIGH7.8CVE-2014-0047Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.from 0, < 1.6.0+dfsg1-1
- HIGH7.5CVE-2026-33748BuildKit Git URL subdir component can cause access to restricted files in github.com/moby/buildkitfrom 0
- from 0, < 18.03.1+dfsg1-2
- HIGH7.5CVE-2023-28840Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/dockerfrom 0
- from 0, < 18.09.1+dfsg1-8
- HIGH7.5CVE-2014-8179Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON r…from 0, < 1.8.3~ds1-1
- HIGH7.5CVE-2018-15664In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directo…from 0, < 18.09.1+dfsg1-7.1
- from 0, < 1.3.2~dfsg1-1
- from 0
- MEDIUM6.8CVE-2026-33997Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/dockerfrom 0
- from 0, < 20.10.3+dfsg1-1
- MEDIUM6.8CVE-2023-28841Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/dockerfrom 0
- MEDIUM6.8CVE-2023-28842Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/dockerfrom 0
- from 0
- from 0, < 20.10.3+dfsg1-1
- from 0, < 18.03.1+dfsg1-2
- from 0, < 1.3.3~dfsg1-1
- from 0, < 1.13.1~ds1-2
- from 0, < 18.09.1+dfsg1-7.1+deb10u3
- from 0, < 19.03.13+dfsg2-1
- from 0, < 19.03.11+dfsg1-1
- from 0, < 18.09.1+dfsg1-7.1+deb10u2
- from 0
- MEDIUM5.9CVE-2021-41091Moby (Docker Engine) Insufficiently restricted permissions on data directory in github.com/docker/dockerfrom 0, < 20.10.5+dfsg1-1+deb11u1
- from 0, < 1.13.1~ds3-1
- from 0, < 1.3.3~dfsg1-1
- MEDIUM5.5CVE-2014-8178Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes…from 0, < 1.8.3~ds1-1
- from 0, < 20.10.5+dfsg1-1+deb11u1
- MEDIUM5.3CVE-2022-36109Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/dockerfrom 0
- MEDIUM5.3CVE-2014-5278A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.from 0, < 1.2.0~dfsg1-1
- MEDIUM5.3CVE-2018-10892The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames.from 0, < 18.06.1+dfsg1-1
- from 0, < 1.3.1~dfsg1-1
- MEDIUM5.2CVE-2020-15257containerd-shim API Exposed to Host Network Containers in github.com/containerd/containerdfrom 0, < 20.10.0~rc1+dfsg2-1
- from 0, < 1.6.1+dfsg1-1
- MEDIUM4.9CVE-2018-20699Docker Engine before 18.09 allows attackers to cause a denial of service (dockerd memory consumption) via a large integer in a --cpuset-mem…from 0, < 18.09.1+dfsg1-2
- from 0
- LOW3.3CVE-2025-54410Moby firewalld reload removes bridge network isolation in github.com/docker/dockerfrom 0
- LOW2.8CVE-2021-41089Unexpected chmod of host files via 'docker cp' in Moby Docker Engine in github.com/docker/dockerfrom 0, < 20.10.5+dfsg1-1+deb11u1
- from 0, < 1.3.2~dfsg1-1
- from 0, < 1.6.1+dfsg1-1