Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Docker Inc. — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting Docker Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Docker Inc. develops containerization technology enabling application portability and infrastructure efficiency. Historically, Docker has faced vulnerabilities across multiple classes, including remote code execution (RCE), cross-site scripting (XSS), privilege escalation, and insecure default configurations. The platform's security posture has been challenged by incidents like container breakout vulnerabilities and insecure image repositories. With 11 CVEs currently on record, Docker continues addressing security through regular updates and enhanced isolation mechanisms. The company's focus remains on providing secure containerization while maintaining ease of use, though users must remain vigilant about patching and following security best practices to mitigate potential risks.

Top products by Docker Inc.: Docker Desktop
CVE IDTitleCVSSSeverityPublished
CVE-2025-14740 Docker Desktop for Windows Incorrect Permission Assignment Privilege Escalation Vulnerabilities — Docker DesktopCWE-732 6.7 Medium2026-02-04
CVE-2024-6222 In Docker Desktop before v4.29.0 an attacker who has gained access to the Docker Desktop VM through a container breakout can further escape to the host by passing extensions and dashboard related IPC messages — Docker DesktopCWE-923 7.8AIHighAI2024-07-09
CVE-2024-5652 In Docker Desktop on Windows before v4.31.0 allows a user in the docker-users group to cause a Windows Denial-of-Service through the exec-path Docker daemon config option in Windows containers mode — Docker Desktop 6.1 Medium2024-07-09
CVE-2023-0633 In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in LPE — Docker DesktopCWE-88 7.2 High2023-09-25
CVE-2023-0627 Docker Desktop 4.11.x allows --no-windows-containers flag bypass — Docker DesktopCWE-501 6.7 Medium2023-09-25
CVE-2023-0626 Docker Desktop before 4.12.0 is vulnerable to RCE via query parameters in message-box route — Docker DesktopCWE-94 8.0 High2023-09-25
CVE-2023-0625 Docker Desktop before 4.12.0 is vulnerable to RCE via a crafted extension description or changelog — Docker DesktopCWE-79 8.0 High2023-09-25
CVE-2023-5166 Docker Desktop before 4.23.0 allows Access Token theft via a crafted extension icon URL — Docker DesktopCWE-200 8.0 High2023-09-25
CVE-2023-5165 Docker Desktop before 4.23.0 allows Enhanced Container Isolation bypass via debug shell — Docker DesktopCWE-862 7.1 High2023-09-25
CVE-2023-0629 Docker Desktop before 4.17.0 allows an unprivileged user to bypass Enhanced Container Isolation restrictions via the raw Docker socket and launch privileged containers — Docker DesktopCWE-424 7.1 High2023-03-13
CVE-2023-0628 Docker Desktop before 4.17.0 allows an attacker to execute an arbitrary command inside a Dev Environments container during initialization by tricking a user to open a crafted malicious docker-desktop:// URL — Docker DesktopCWE-77 6.1 Medium2023-03-13

This page lists every published CVE security advisory associated with Docker Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.