Search for packages
| purl | pkg:deb/debian/docker.io@18.09.1%2Bdfsg1-8?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-u44m-mgza-nfcx | Secret insertion into debug log in Docker In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario where docker stack deploy is run to redeploy a stack that includes (non external) secrets. It potentially applies to other API users of the stack API if they resend the secret. |
CVE-2019-13509
GHSA-j249-ghv5-7mxv |
| VCID-yt33-nmzd-r3cs | docker: command injection due to a missing validation of the git ref command |
CVE-2019-13139
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T10:25:16.815514+00:00 | Debian Importer | Fixing | VCID-u44m-mgza-nfcx | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T09:46:29.518548+00:00 | Debian Importer | Fixing | VCID-yt33-nmzd-r3cs | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T07:01:41.938630+00:00 | Debian Importer | Fixing | VCID-u44m-mgza-nfcx | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T06:31:38.309225+00:00 | Debian Importer | Fixing | VCID-yt33-nmzd-r3cs | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-02T17:08:04.765964+00:00 | Debian Importer | Fixing | VCID-u44m-mgza-nfcx | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-02T17:05:53.113151+00:00 | Debian Importer | Fixing | VCID-yt33-nmzd-r3cs | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |