The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Docker Engine

Docker Engine: privilege escalation via file descriptors
An attacker, inside a guest system, can use file descriptor inherited via the debug support of Docker Engine, in order to escalate his privileges on the host system...
CVE-2016-9962, FEDORA-2017-0200646669, FEDORA-2017-20cdb2063a, FEDORA-2017-c2c2d1be16, FEDORA-2017-dbc2b618eb, FEDORA-2017-fcd02e2c2d, openSUSE-SU-2017:1966-1, RHSA-2017:0116-01, RHSA-2017:0123-01, RHSA-2017:0127-01, SUSE-SU-2019:0573-1, SUSE-SU-2019:1264-1, VIGILANCE-VUL-21551
Docker Engine: privilege escalation via Ambient Capability
An attacker can bypass restrictions via Ambient Capability of Docker Engine, in order to escalate his privileges...
CVE-2016-8867, openSUSE-SU-2016:3009-1, VIGILANCE-VUL-20977
Docker: information disclosure via /proc/timer_list
An attacker can read /proc/timer_list via Docker, in order to obtain sensitive information...
VIGILANCE-VUL-20435
Docker: denial of service via Swarm
A local attacker can join multiple times a Swarm of Docker, in order to trigger a denial of service...
CVE-2016-6595, VIGILANCE-VUL-20305
Docker: information disclosure via machinectl
An attacker can use machinectl with Docker, in order to obtain sensitive information...
CVE-2016-6349, VIGILANCE-VUL-20229
Docker: privilege escalation via Numeric UID
A local attacker can in some cases use an uid on Docker, in order to escalate his privileges...
1329450, 2004947, CVE-2016-3697, FEDORA-2016-6a0d540088, openSUSE-SU-2016:1417-1, RHSA-2016:1034-01, RHSA-2016:2634-01, VIGILANCE-VUL-19615
Docker Engine: two vulnerabilities
An attacker can use several vulnerabilities of Docker...
CVE-2014-8178, CVE-2014-8179, openSUSE-SU-2015:1773-1, openSUSE-SU-2015:2073-1, VIGILANCE-VUL-18131
Our database contains other pages. You can request a free trial to read them.

Display information about Docker Engine: