GO-2025-3830
and 5 other vulnerabilities
GO-2025-3830 : Moby firewalld reload makes published container ports accessible from remote hosts in github.com/docker/docker
GO-2026-4883 : Moby has an Off-by-one error in its plugin privilege validation in github.com/docker/docker
GO-2026-4887 : Moby has AuthZ plugin bypass when provided oversized request bodies in github.com/docker/docker
GO-2026-5617 : Docker: Race condition in docker cp allows bind mount redirection to host path in github.com/docker/docker
GO-2026-5668 : Docker: Race condition in docker cp allows creation of arbitrary empty files on the host via symlink swap in github.com/docker/docker
GO-2026-5746 : Docker: `PUT /containers/{id}/archive` executes container binary on the host in github.com/docker/docker
Discover Packages
github.com/docker/docker
libcontainerd
supervisor
package
Version:
v28.3.0-rc.2+incompatible
Opens a new window with list of versions in this module.
Published: Jun 20, 2025
License: Apache-2.0
Opens a new window with license information.
Imports: 20
Opens a new window with list of imports.
Imported by: 124
Opens a new window with list of known importers.
Documentation
¶
Rendered for
linux/amd64
windows/amd64
darwin/amd64
js/wasm
Daemon represents a running containerd daemon
Start starts a containerd daemon and monitors it
type DaemonOpt func(c *remote) error
DaemonOpt allows to configure parameters of container daemons
WithCRIDisabled disables the CRI plugin.
WithDetectLocalBinary checks if a containerd binary is present in the same
directory as the dockerd binary, and overrides the path of the containerd
binary to start if found. If no binary is found, no changes are made.
WithLogFormat defines the containerd log format.
This only makes sense if WithStartDaemon() was set to true.
WithLogLevel defines which log level to start containerd with.
¶
Click to show internal directories.
Click to hide internal directories.
Affected by 
Documentation
¶
Source Files