Vulnerable Docker Environments

CVE-2021-3129

9.8 CRITICAL

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of file_get_contents() and...
about 2 months ago

CVE-2020-17518

7.5 HIGH

Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP...
about 2 months ago

CVE-2020-17519

7.5 HIGH

A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST...
about 2 months ago

CVE-2019-0230

9.8 CRITICAL

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
5 months ago

CVE-2020-17530

9.8 CRITICAL

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
6 months ago

CVE-2020-9496

6.1 MEDIUM

XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03
7 months ago

CVE-2020-13942

9.8 CRITICAL

It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi...
8 months ago

CVE-2020-11651

9.8 CRITICAL

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly validate method calls. This allows a...
10 months ago

CVE-2020-11652

6.5 MEDIUM

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class allows access to some methods that improperly sanitize...
10 months ago

CVE-2020-10199

8.8 HIGH

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2).
11 months ago