An open index of dependabot pull requests across open source projects.

github.com/docker/docker

Ecosystem:
go
Package URL:
pkg:golang/github.com/docker/docker
Total PRs:
5,378 Dependabot PRs
Latest PR:
about 21 hours ago
Unique Repositories:
1,785 repositories
Unique Repos (30 days):
15 repositories
Security Advisories
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
GHSA-2mm7-x5h6-5pvq CVE-2022-24769 MODERATE published almost 2 years ago • updated 3 days ago
### Impact A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities...
Arbitrary Code Execution
GHSA-997c-fj8j-rq5h CVE-2014-9357 HIGH published about 4 years ago • updated 29 days ago
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA...
Symlink Attack in Libcontainer and Docker Engine
GHSA-g7v2-2qxx-wjrw CVE-2015-3627 MODERATE published about 4 years ago • updated about 1 month ago
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local ...
Moby's external DNS requests from 'internal' networks could lead to data exfiltration
GHSA-mq39-4gv4-mvpx CVE-2024-29018 MODERATE published almost 2 years ago • updated 3 days ago
Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, a...
Authz zero length regression
GHSA-v23v-6jw2-98fq CVE-2024-41110 CRITICAL published over 1 year ago • updated 7 days ago
A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass [authorization plugins (Au...
Recent PRs (filtered by: Patch PRs )
build(deps): bump the go-dependencies group with 5 updates

buildpacks/pack #2463

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Closed 3 months ago 1 comment
buildpacks
Bump the golang-dependencies group across 2 directories with 3 updates

ls1intum/hades #318

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 2 comments
ls1intum
chore(deps): bump the dependencies group across 1 directory with 6 updates

openfga/openfga #2798

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 2 comments
openfga
build(deps): bump the dependencies group in /systemtest with 5 updates

elastic/apm-server #19529

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 2 comments
elastic
chore: bump the golang group across 1 directory with 12 updates

AndiDog/skaffold #53

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 1 comment
AndiDog
chore: bump the engine group across 2 directories with 25 updates

sipsma/dagger #1166

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 1 comment
sipsma
deps(deps): bump the go-dependencies group with 3 updates

avivsinai/jenkins-cli #11

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 1 comment
avivsinai
Bump the go-modules group across 1 directory with 9 updates

picatz/dynabuf #47

28.5.0+incompatible → 28.5.2+incompatible Patch PR
Closed 3 months ago 2 comments
picatz
chore(deps): bump the minor group across 1 directory with 5 updates

containifyci/engine-ci #310

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 24 comments
containifyci
chore: bump the engine group across 2 directories with 22 updates

dagger/dagger #11378

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Closed 3 months ago 1 comment
dagger
Bump the go_modules group across 1 directory with 2 updates

devfile/registry-operator #111

25.0.6+incompatible → 25.0.13+incompatible Patch PR
Open 3 months ago 5 comments
devfile
Bump the go-docker-dependencies group with 2 updates

tektoncd/cli #2639

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 3 months ago 2 comments
tektoncd
chore: bump the engine group across 2 directories with 18 updates

sipsma/dagger #1161

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 4 months ago 1 comment
sipsma
chore: bump the engine group across 2 directories with 18 updates

dagger/dagger #11363

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Closed 4 months ago 1 comment
dagger
Bump github.com/docker/docker from 28.5.1+incompatible to 28.5.2+incompatible

spiffe/spire #6422

28.5.1+incompatible → 28.5.2+incompatible Patch PR
Open 4 months ago 2 comments
spiffe
chore(deps): bump the go_modules group across 1 directory with 9 updates

layer-3/clearsync #526

25.0.2+incompatible → 25.0.13+incompatible Patch PR
Open 4 months ago 1 comment
layer-3
Bump the all-updates group with 11 updates

cirruslabs/cirrus-cli #957

28.5.0+incompatible → 28.5.1+incompatible Patch PR
Closed 4 months ago 2 comments
cirruslabs
Package Details
Name: github.com/docker/docker
Ecosystem: go
PURL Type: golang
Package URL: pkg:golang/github.com/docker/docker
JSON API: View JSON
Security Advisories

29

Active advisories
CRITICAL 2
HIGH 8
MODERATE 16
LOW 3
View All golang Advisories
Package Information
Description:

Repository: https://github.com/docker/docker
Homepage: https://github.com/docker/docker
Latest Release: v28.2.2+incompatible
9 months ago
Dependent Repos: 40,103
Dependent Packages: 16,935
Ranking: Top 0.0289% by dependent repos Top 0.0137% by dependent pkgs
PR Status
Open 2,532 (47.1%)
Merged 824 (15.3%)
Closed 1,628 (30.3%)
PR Types
Minor 2,012 (37.4%)
Major 2,003 (37.2%)
Patch 967 (18.0%)