pkg:Go/github.com/amir20/dozzle

6 total CVEsHIGH1MEDIUM2

✅ Check your installed version

All known vulnerabilities

  • HIGH8.6CVE-2026-45298Dozzle: Pre-auth SSRF with response-body reflection via POST /api/notifications/test-webhook (default no-auth deploy)
    from 0, <= 8.14.12
  • MEDIUM4.8CVE-2024-47182Dozzle uses unsafe hash for passwords
    from 0, < 8.5.3
  • MEDIUM4.8CVE-2024-47182Dozzle uses unsafe hash for passwords
    from 0
  • CVE-2026-44985Dozzle's Cross-Site WebSocket Hijacking (CSWSH) on exec/attach endpointsbypasses authentication
    from 0, <= 10.5.1
  • CVE-2026-24740Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access in github.com/amir20/dozzle
    from 0, < 1.29.1-0.20260125230338-620e59aa2463
  • CVE-2026-24740Dozzle Agent Label-Based Access Control Bypass Allows Unauthorized Container Shell Access in github.com/amir20/dozzle
    from 0, < 1.29.1-0.20260125230338-620e59aa2463