Detections
Analytics
Docker Engine 29.3.1 Multiple Vulnerabilities
high Nessus Plugin ID 304803
Synopsis
The remote host has an application installed that is affected by multiple vulnerabilities.Description
The version of the Docker Engine installed on the remote host is prior to 29.3.1. It is therefore affected by multiple vulnerabilities:- CVE-2026-34040: AuthZ plugin authorization bypass vulnerability. Authorization plugins could be bypassed under specific conditions, potentially allowing unauthorized access.
- CVE-2026-33997: Plugin privilege validation bypass vulnerability in 'docker plugin install' command.
A flaw in privilege validation could be partially bypassed, potentially leading to unauthorized privilege escalation.
- CVE-2026-33748: BuildKit Git URL validation vulnerability. Insufficient validation of Git URL '#ref:subdir' fragments could allow access to files outside the intended repository scope, leading to unauthorized information disclosure.
- CVE-2026-33747: BuildKit arbitrary file write vulnerability. An untrusted frontend could cause files to be written outside the BuildKit state directory, potentially allowing local privilege escalation or unauthorized file writes.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to Docker Engine version 29.3.1 or laterSee Also
Plugin Details
Severity: High
ID: 304803
File Name: docker_29_3_1.nasl
Version: 1.1
Type: Local
Agent: unix
Family: Misc.
Published: 4/3/2026
Updated: 4/3/2026
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v3
Risk Factor: High
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/a:docker:docker
Required KB Items: installed_sw/Docker
Patch Publication Date: 3/25/2026
Vulnerability Publication Date: 3/25/2026
Reference Information
CVE: CVE-2026-33747, CVE-2026-33748, CVE-2026-33997, CVE-2026-34040
IAVA: 2026-A-0291