An open index of dependabot pull requests across open source projects.

github.com/docker/docker

Ecosystem:
go
Package URL:
pkg:golang/github.com/docker/docker
Total PRs:
5,378 Dependabot PRs
Latest PR:
about 21 hours ago
Unique Repositories:
1,785 repositories
Unique Repos (30 days):
15 repositories
Security Advisories
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities
GHSA-2mm7-x5h6-5pvq CVE-2022-24769 MODERATE published almost 2 years ago • updated 3 days ago
### Impact A bug was found in Moby (Docker Engine) where containers were incorrectly started with non-empty inheritable Linux process capabilities...
Arbitrary Code Execution
GHSA-997c-fj8j-rq5h CVE-2014-9357 HIGH published about 4 years ago • updated 29 days ago
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA...
Symlink Attack in Libcontainer and Docker Engine
GHSA-g7v2-2qxx-wjrw CVE-2015-3627 MODERATE published about 4 years ago • updated about 1 month ago
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local ...
Moby's external DNS requests from 'internal' networks could lead to data exfiltration
GHSA-mq39-4gv4-mvpx CVE-2024-29018 MODERATE published almost 2 years ago • updated 3 days ago
Moby is an open source container framework originally developed by Docker Inc. as Docker. It is a key component of Docker Engine, Docker Desktop, a...
Authz zero length regression
GHSA-v23v-6jw2-98fq CVE-2024-41110 CRITICAL published over 1 year ago • updated 7 days ago
A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass [authorization plugins (Au...
Recent PRs (filtered by: Patch PRs )
chore(deps): bump the engine group across 2 directories with 27 updates

dagger/dagger #10972

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Closed 6 months ago 1 comment
dagger
chore(deps): bump the all-dependencies group with 9 updates

tensorchord/envd #2037

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 6 months ago
tensorchord
build(deps): bump the dependencies group across 1 directory with 9 updates

nektos/act #5920

28.3.0+incompatible → 28.3.3+incompatible Patch PR
Open 6 months ago 4 comments
nektos
chore(deps): bump the engine group across 1 directory with 24 updates

sipsma/dagger #1099

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 6 months ago 1 comment
sipsma
chore(deps): bump the engine group across 2 directories with 24 updates

dagger/dagger #10919

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 6 months ago 1 comment
dagger
chore(deps): bump the go-deps group with 5 updates

kubernetes-sigs/karpenter #2442

28.3.2+incompatible → 28.3.3+incompatible Patch PR
Open 6 months ago 2 comments
kubernetes-sigs
Bump the major-dependencies group across 1 directory with 2 updates

Mirantis/cri-dockerd #496

25.0.8+incompatible → 25.0.12+incompatible Patch PR
Open 6 months ago 4 comments
Mirantis
Package Details
Name: github.com/docker/docker
Ecosystem: go
PURL Type: golang
Package URL: pkg:golang/github.com/docker/docker
JSON API: View JSON
Security Advisories

29

Active advisories
CRITICAL 2
HIGH 8
MODERATE 16
LOW 3
View All golang Advisories
Package Information
Description:

Repository: https://github.com/docker/docker
Homepage: https://github.com/docker/docker
Latest Release: v28.2.2+incompatible
9 months ago
Dependent Repos: 40,103
Dependent Packages: 16,935
Ranking: Top 0.0289% by dependent repos Top 0.0137% by dependent pkgs
PR Status
Open 2,532 (47.1%)
Merged 824 (15.3%)
Closed 1,628 (30.3%)
PR Types
Minor 2,012 (37.4%)
Major 2,003 (37.2%)
Patch 967 (18.0%)