FLAT-AJQOW (MAL-2026-4945)
Use of software with malware In @cloudplatform-single-spa/ml-inference-docker-run
5.2
Medium
Ecosystem: Npm
Package: @cloudplatform-single-spa/ml-inference-docker-run
FLAT-SFWGR (MAL-2026-5012)
Use of software with malware In @mlspace/docker-registry
5.2
Medium
Ecosystem: Npm
Package: @mlspace/docker-registry
FLAT-Z49HF (CVE-2026-41568)
Race condition In github.com/docker/docker
1.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-F9RKX (CVE-2026-41567)
External control of file name or path In github.com/docker/docker
4.1
Medium
Ecosystem: Go
Package: github.com/docker/docker
FLAT-T3DT9 (CVE-2026-41888)
Authentication mechanism absence or evasion In docker-registry
1.7
Low
Ecosystem: Debian
Package: docker-registry
FLAT-WEJVQ (MAL-2026-2634)
Use of software with malware In percy-cake-docker
5.2
Medium
Ecosystem: Npm
Package: percy-cake-docker
FLAT-WPCBS (CVE-2021-21284)
Lack of data validation - Path Traversal In docker
5.6
Medium
Ecosystem: Alpm
Package: docker
FLAT-TNGY1 (CVE-2021-21285)
Asymmetric denial of service In docker
4.6
Medium
Ecosystem: Alpm
Package: docker
FLAT-IKP8B (CVE-2021-41089)
Excessive privileges In docker
5.8
Medium
Ecosystem: Alpm
Package: docker
FLAT-8H37V (CVE-2021-41091)
Excessive privileges In docker
1.2
Low
Ecosystem: Alpm
Package: docker
FLAT-3HNVB (CVE-2021-41092)
Sensitive information sent insecurely In docker
0.6
Low
Ecosystem: Alpm
Package: docker
FLAT-IB50L (CVE-2016-9962)
Enabled default configuration In docker
5.6
Medium
Ecosystem: Alpm
Package: docker
FLAT-K02G7 (CVE-2018-15664)
Lack of data validation - Path Traversal In docker
4.1
Medium
Ecosystem: Alpm
Package: docker
FLAT-KUSFN (CVE-2026-35172)
Improper authorization control for web services In docker-registry
6.3
Medium
Ecosystem: Debian
Package: docker-registry
FLAT-OANYC (CVE-2026-34040)
Authentication mechanism absence or evasion In docker.io
5.6
Medium
Ecosystem: Debian
Package: docker.io
FLAT-1Q3GK (CVE-2026-33997)
Insecure functionality In docker.io
3.4
Low
Ecosystem: Debian
Package: docker.io
FLAT-ZCJHP (CVE-2026-33990)
Server-side request forgery (SSRF) In github.com/docker/model-runner
4.3
Medium
Ecosystem: Go
Package: github.com/docker/model-runner
FLAT-IEDP1 (CVE-2026-33748)
Lack of data validation - Path Traversal In docker.io
4.6
Medium
Ecosystem: Debian
Package: docker.io
FLAT-8Z22A (CVE-2026-33747)
Lack of data validation - Path Traversal In docker.io
5.5
Medium
Ecosystem: Debian
Package: docker.io
FLAT-Y0MDV (MAL-2026-1644)
Use of software with malware In aboba-docker-check
5.2
Medium
Ecosystem: Npm
Package: aboba-docker-check
FLAT-EXZNT (CVE-2025-15558)
External control of file name or path In github.com/docker/compose
4.0
Medium
Ecosystem: Go
Package: github.com/docker/compose
FLAT-WWV7R (CVE-2025-64443)
Insecure service configuration In github.com/docker/mcp-gateway
4.5
Medium
Ecosystem: Go
Package: github.com/docker/mcp-gateway
FLAT-M7NMU (CVE-2025-62725)
Lack of data validation - Path Traversal In github.com/docker/compose
5.9
Medium
Ecosystem: Go
Package: github.com/docker/compose
FLAT-X2CB7 (MAL-2025-47844)
Use of software with malware In autobahn-testsuite-docker
5.2
Medium
Ecosystem: Npm
Package: autobahn-testsuite-docker
FLAT-QAZGB (MAL-2025-9092)
Use of software with malware In @marcos_feitoza/docker-image
5.2
Medium
Ecosystem: Npm
Package: @marcos_feitoza/docker-image
FLAT-CKQRK (MAL-2025-33024)
Use of software with malware In setup-docker
5.2
Medium
Ecosystem: Npm
Package: setup-docker
FLAT-09IM7 (CVE-2025-54410)
Improper authorization control for web services In docker.io
0.1
Low
Ecosystem: Debian
Package: docker.io
FLAT-R8920 (CVE-2025-54388)
Improper resource allocation In github.com/docker/docker
1.2
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-1FXDI (MAL-2025-5187)
Use of software with malware In vscode-docker
5.2
Medium
Ecosystem: Npm
Package: vscode-docker
FLAT-9QVQT (CVE-2025-0495)
Traceability loss In github.com/docker/buildx
0.8
Low
Ecosystem: Go
Package: github.com/docker/buildx
FLAT-QWOMU (MAL-2025-2042)
Use of software with malware In jfrog-docker-desktop-extension
5.2
Medium
Ecosystem: Npm
Package: jfrog-docker-desktop-extension
FLAT-CXKRB (MAL-2024-12112)
Use of software with malware In tree-sitter-dockerfile
5.2
Medium
Ecosystem: Npm
Package: tree-sitter-dockerfile
FLAT-1HTQR (MAL-2024-10603)
Use of software with malware In docker-centos-hello
5.2
Medium
Ecosystem: Npm
Package: docker-centos-hello
FLAT-EL22H (MAL-2024-9963)
Use of software with malware In confluent-docker-utils
5.2
Medium
Ecosystem: PyPI
Package: confluent-docker-utils
FLAT-KL8TW (DLA-3918-1)
Lack of data validation - Path Traversal In docker.io
1.3
Low
Ecosystem: Debian
Package: docker.io
FLAT-742VO (CVE-2024-41110)
Lack of data validation In github.com/docker/docker
7.7
High
Ecosystem: Go
Package: github.com/docker/docker
FLAT-CXROE (MAL-2024-4079)
Use of software with malware In be.vlaanderen.basisrеgisters.dockerutіlities
5.2
Medium
Ecosystem: NuGet
Package: be.vlaanderen.basisrеgisters.dockerutіlities
FLAT-116HP (MAL-2024-3964)
Use of software with malware In wwc22docker
5.2
Medium
Ecosystem: Npm
Package: wwc22docker
FLAT-X84HS (MAL-2024-2956)
Use of software with malware In remove-docker-tag
5.2
Medium
Ecosystem: Npm
Package: remove-docker-tag
FLAT-TQ7BT (MAL-2024-1842)
Use of software with malware In browserstack-docker-example
5.2
Medium
Ecosystem: Npm
Package: browserstack-docker-example
FLAT-VGVWB (GHSA-xmmx-7jpf-fx42)
Insufficient data authenticity validation In github.com/docker/docker
1.3
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-E09TX (CVE-2022-24769)
Improper authorization control for web services In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-7M3HK (CVE-2024-32473)
Sensitive information sent insecurely In docker.io
1.9
Low
Ecosystem: Debian
Package: docker.io
FLAT-I3M0O (CVE-2024-29018)
Sensitive information sent insecurely In docker.io
4.6
Medium
Ecosystem: Debian
Package: docker.io
FLAT-V7KO4 (CVE-2024-2216)
Improper authorization control for web services In org.jenkins-ci.plugins:docker-build-step
1.3
Low
Ecosystem: Maven
Package: org.jenkins-ci.plugins:docker-build-step
FLAT-R31IB (CVE-2024-2215)
Cross-site request forgery In org.jenkins-ci.plugins:docker-build-step
1.3
Low
Ecosystem: Maven
Package: org.jenkins-ci.plugins:docker-build-step
FLAT-Z7H0Z (CVE-2024-24557)
Lack of data validation In github.com/docker/docker
3.8
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-IE8E5 (CVE-2018-12608)
Security controls bypass or absence In github.com/docker/docker
6.6
Medium
Ecosystem: Go
Package: github.com/docker/docker
FLAT-3UT82 (CVE-2023-48311)
Lack of data validation In dockerspawner
1.3
Low
Ecosystem: PyPI
Package: dockerspawner
FLAT-4W7MY (CVE-2023-40453)
OS Command Injection In github.com/docker/machine
4.9
Medium
Ecosystem: Go
Package: github.com/docker/machine
FLAT-WJCLB (GHSA-jq35-85cj-fj4p)
Improper authorization control for web services In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-1EX2F (MAL-2023-7951)
Use of software with malware In docker-slim-action
5.2
Medium
Ecosystem: Npm
Package: docker-slim-action
FLAT-TCZM1 (CVE-2023-40350)
Server side cross-site scripting In org.jenkins-ci.plugins:docker-swarm
5.2
Medium
Ecosystem: Maven
Package: org.jenkins-ci.plugins:docker-swarm
FLAT-MCKGJ (DLA-3473-1)
Lack of data validation - Path Traversal In docker-registry
2.7
Low
Ecosystem: Debian
Package: docker-registry
FLAT-F70SO (CVE-2023-2253)
Improper resource allocation In docker-registry
4.9
Medium
Ecosystem: Debian
Package: docker-registry
FLAT-DVW7M (DSA-5414-1)
Lack of data validation - Path Traversal In docker-registry
1.3
Low
Ecosystem: Debian
Package: docker-registry
FLAT-926RG (CVE-2023-28842)
Insecure functionality In docker.io
6.3
Medium
Ecosystem: Debian
Package: docker.io
FLAT-I3FT0 (CVE-2023-28840)
Insecure functionality In docker.io
6.5
Medium
Ecosystem: Debian
Package: docker.io
FLAT-MZQRD (CVE-2023-28841)
Non-encrypted confidential information In docker.io
6.3
Medium
Ecosystem: Debian
Package: docker.io
FLAT-RSKFF (CVE-2023-28109)
Improper authorization control for web services In github.com/play-with-docker/play-with-docker
4.9
Medium
Ecosystem: Go
Package: github.com/play-with-docker/play-with-docker
FLAT-7LM9T (CVE-2022-37708)
Improper authorization control for web services In github.com/docker/libcontainer
4.9
Medium
Ecosystem: Go
Package: github.com/docker/libcontainer
FLAT-XNANA (CVE-2022-45385)
Improper authorization control for web services In org.jenkins-ci.plugins:dockerhub-notification
2.7
Low
Ecosystem: Maven
Package: org.jenkins-ci.plugins:dockerhub-notification
FLAT-HVPRT (GHSA-vp35-85q5-9f25)
Business information leak In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-8QMTP (CVE-2022-36109)
Authentication mechanism absence or evasion In github.com/docker/docker
1.3
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-7B80X (CVE-2022-38362)
Server side template injection In apache-airflow-providers-docker
6.3
Medium
Ecosystem: PyPI
Package: apache-airflow-providers-docker
FLAT-2UN9Q (MAL-2022-4647)
Use of software with malware In mns-core-dockerr
5.2
Medium
Ecosystem: Npm
Package: mns-core-dockerr
FLAT-IBSM7 (MAL-2022-2887)
Use of software with malware In eva.io-docker
5.2
Medium
Ecosystem: Npm
Package: eva.io-docker
FLAT-VE6CL (CVE-2021-34079)
Lack of data validation In docker-tester
1.3
Low
Ecosystem: Npm
Package: docker-tester
FLAT-H41VX (CVE-2019-14271)
Server side template injection In github.com/docker/docker
8.1
High
Ecosystem: Go
Package: github.com/docker/docker
FLAT-JICNE (CVE-2019-13509)
Debugging enabled in production In github.com/docker/docker
6.6
Medium
Ecosystem: Go
Package: github.com/docker/docker
FLAT-5JGJ4 (CVE-2019-10342)
Improper authorization control for web services In io.jenkins.docker:docker-plugin
1.3
Low
Ecosystem: Maven
Package: io.jenkins.docker:docker-plugin
FLAT-25YO8 (CVE-2019-10341)
Improper authorization control for web services In io.jenkins.docker:docker-plugin
4.9
Medium
Ecosystem: Maven
Package: io.jenkins.docker:docker-plugin
FLAT-J4GDC (CVE-2019-10340)
Cross-site request forgery In io.jenkins.docker:docker-plugin
6.3
Medium
Ecosystem: Maven
Package: io.jenkins.docker:docker-plugin
FLAT-SRCSS (CVE-2017-1000094)
Business information leak In org.jenkins-ci.plugins:docker-commons
4.9
Medium
Ecosystem: Maven
Package: org.jenkins-ci.plugins:docker-commons
FLAT-01MB3 (CVE-2015-9258)
Insecure digital certificates In github.com/docker/notary
6.6
Medium
Ecosystem: Go
Package: github.com/docker/notary
FLAT-AH04G (CVE-2019-1003065)
Non-encrypted confidential information In org.jenkins-ci.plugins:cloudshare-docker
1.1
Low
Ecosystem: Maven
Package: org.jenkins-ci.plugins:cloudshare-docker
FLAT-PKYH2 (CVE-2017-11468)
Inadequate file size control In github.com/docker/distribution
4.9
Medium
Ecosystem: Go
Package: github.com/docker/distribution
FLAT-A0H34 (CVE-2015-3629)
Insecure session management In github.com/docker/docker
6.1
Medium
Ecosystem: Go
Package: github.com/docker/docker
FLAT-PPPAV (CVE-2020-13401)
Lack of data validation In github.com/docker/docker-ce
0.6
Low
Ecosystem: Go
Package: github.com/docker/docker-ce
FLAT-F59EN (CVE-2014-5277)
Insecure deserialization In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-4FEYB (CVE-2014-6408)
Improper authorization control for web services In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-4W3GP (CVE-2014-9357)
Improper authorization control for web services In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-80QFR (CVE-2015-3630)
Improper authorization control for web services In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-C6E01 (CVE-2015-3631)
Improper authorization control for web services In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-B9J8A (CVE-2016-8579)
Inappropriate coding practices In github.com/appc/docker2aci
1.2
Low
Ecosystem: Go
Package: github.com/appc/docker2aci
FLAT-JH3BL (CVE-2015-3627)
Insecure session management In github.com/docker/docker
0.6
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-2C7KM (CVE-2014-9358)
Insecure session management In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-QQKY3 (CVE-2014-6407)
Insecure session management In github.com/docker/docker
2.7
Low
Ecosystem: Go
Package: github.com/docker/docker
FLAT-9K9FE (CVE-2014-3499)
Excessive privileges In github.com/docker/docker
6.1
Medium
Ecosystem: Go
Package: github.com/docker/docker
FLAT-CFNRP (GHSA-qq97-vm5h-rrhg)
Lack of data validation - Type confusion In github.com/docker/distribution
0.5
Low
Ecosystem: Go
Package: github.com/docker/distribution
FLAT-02YMA (CVE-2022-20617)
OS Command Injection In org.jenkins-ci.plugins:docker-commons
7.7
High
Ecosystem: Maven
Package: org.jenkins-ci.plugins:docker-commons
FLAT-0ETX8 (CVE-2021-23732)
OS Command Injection In docker-cli-js
0.0
None
Ecosystem: Npm
Package: docker-cli-js
FLAT-RJAAL (CVE-2014-9356)
Lack of data validation - Path Traversal In github.com/docker/docker
7.7
High
Ecosystem: Go
Package: github.com/docker/docker
FLAT-58ZQH (CVE-2020-7606)
OS Command Injection In docker-compose-remote-api
8.1
High
Ecosystem: Npm
Package: docker-compose-remote-api
FLAT-CEP2P (DSA-4865-1)
Lack of data validation - Path Traversal In docker.io
2.7
Low
Ecosystem: Debian
Package: docker.io
FLAT-OMC73 (DSA-4716-1)
Lack of data validation - Path Traversal In docker.io
2.7
Low
Ecosystem: Debian
Package: docker.io
FLAT-CWTOB (CVE-2014-5278)
Lack of data validation In docker.io
2.7
Low
Ecosystem: Debian
Package: docker.io
FLAT-HQ1RI (CVE-2014-0048)
Missing subresource integrity check In docker.io
8.1
High
Ecosystem: Debian
Package: docker.io
FLAT-WMK6D (CVE-2014-8179)
Lack of data validation In docker.io
6.6
Medium
Ecosystem: Debian
Package: docker.io
FLAT-AYFLQ (CVE-2014-8178)
Lack of data validation In docker.io
4.3
Medium
Ecosystem: Debian
Package: docker.io