Affected by GO-2022-0985
and 10 other vulnerabilities
GO-2022-0985: Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker
GO-2022-1107: Container build can leak any path on the host into the container in github.com/docker/docker
GO-2023-1699: Docker Swarm encrypted overlay network may be unauthenticated in github.com/docker/docker
GO-2023-1700: Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker
GO-2023-1701: Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker
GO-2025-3829: Moby firewalld reload removes bridge network isolation in github.com/docker/docker
GO-2026-4883: Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
GO-2026-4887: Moby has AuthZ plugin bypass when provided oversized request bodies in github.com/docker/docker
GO-2026-5617: Docker: Race condition in docker cp allows bind mount redirection to host path in github.com/docker/docker
GO-2026-5668: Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap in github.com/docker/docker
GO-2026-5746: Docker: `PUT /containers/{id}/archive` executes container binary on the host in github.com/docker/docker
Package locker provides a mechanism for creating finer-grained locking to help
free up more global locks to handle other tasks.
The implementation looks close to a sync.Mutex, however the user must provide a
reference to use to refer to the underlying lock when locking and unlocking,
and unlock may generate an error.
If a lock with a given name does not exist when `Lock` is called, one is
created.
Lock references are automatically cleaned up on `Unlock` if nothing else is
waiting for the lock.
Affected by 
Documentation
¶
Source Files