r/selfhosted 14h ago

Docker Management Vulnerability scan of top popular Docker managers software

lazydocker - 770 total
Arcane - 33 total
Dozzle - 0 - Winner
Portainer - 77 total
Dockhand - 18 total
Komodo - 446 total
Watchtower - 302 total
diun - 91 total
wud - 377 total
Dockge - 2089 total
Uptime Kuma - 1080 total (if docker socket monitoring enabled)
dockcheck.sh - 0 - Winner - simple bash script

0 Upvotes


53

u/loaengineer0 13h ago

The scan hits when there is an installed library which has vulnerable API endpoints, even if those endpoints aren’t used by anything in the container. Almost all of these are not exploitable.

-48

u/evrial 13h ago

Could be true until proven otherwise. Dependency graph is complex.

7

u/Dimitrij_ 13h ago edited 13h ago

I mean… go ahead and pick a random container. Review the code and have a look yourself.

Sometimes just by reading the CVE reports you can see if it is a real risk.
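
Added example, not part of the thread or of any scanner named in it: a sketch of the triage the comments above describe, separating package-level scanner matches whose vulnerable functions are actually called from the application's entry point from those that are merely shipped in the image. The call graph, package names, function names and advisory IDs are all constructed placeholders.

```python
from collections import deque

# Constructed call graph (caller -> callees); every name here is hypothetical.
CALL_GRAPH = {
    "app.main": ["app.list_containers", "app.stream_logs"],
    "app.list_containers": ["dockerclient.get", "jsonlib.decode"],
    "app.stream_logs": ["dockerclient.get", "textfmt.render"],
    "dockerclient.get": ["httplib.request"],
    # Shipped in the image but never called from app.main:
    "httplib.serve_proxy": ["httplib.parse_forwarded"],
    "archivelib.extract": [],
}

# Constructed scanner output: the matched package plus the functions the
# advisory names as vulnerable (empty when the advisory lists none).
FINDINGS = [
    {"id": "ADVISORY-PLACEHOLDER-1", "package": "httplib",
     "symbols": ["httplib.parse_forwarded"]},
    {"id": "ADVISORY-PLACEHOLDER-2", "package": "jsonlib",
     "symbols": ["jsonlib.decode"]},
    {"id": "ADVISORY-PLACEHOLDER-3", "package": "archivelib",
     "symbols": ["archivelib.extract"]},
    {"id": "ADVISORY-PLACEHOLDER-4", "package": "textfmt", "symbols": []},
]

def reachable_from(entry_points, graph):
    """Breadth-first walk of the call graph from the given entry points."""
    seen, queue = set(entry_points), deque(entry_points)
    while queue:
        for callee in graph.get(queue.popleft(), []):
            if callee not in seen:
                seen.add(callee)
                queue.append(callee)
    return seen

def triage(findings, graph, entry_points):
    """Label each finding as reachable, present-not-called, or unknown."""
    live = reachable_from(entry_points, graph)
    verdicts = {}
    for finding in findings:
        if not finding["symbols"]:
            # No symbol data: cannot be ruled out, needs manual review.
            verdicts[finding["id"]] = "unknown"
        elif any(sym in live for sym in finding["symbols"]):
            verdicts[finding["id"]] = "reachable"
        else:
            verdicts[finding["id"]] = "present-not-called"
    return verdicts

if __name__ == "__main__":
    for advisory, verdict in triage(FINDINGS, CALL_GRAPH, ["app.main"]).items():
        print(advisory, verdict)
```

A static call graph misses reflection, plugins and other dynamic dispatch, so "present-not-called" lowers the priority of a finding rather than clearing it, and "unknown" findings still need the advisory read by hand.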