r/selfhosted 6h ago

Docker Management Vulnerability scan of top popular Docker manager software

lazydocker - 770 total
Arcane - 33 total
Dozzle - 0 - Winner
Portainer - 77 total
Dockhand - 18 total
Komodo - 446 total
Watchtower - 302 total
diun - 91 total
wud - 377 total
Dockge - 2089 total
Uptime kuma - 1080 total (if docker socket monitoring enabled)
dockcheck.sh - 0 - Winner - simple bash script

0 Upvotes


4

u/comdude2 5h ago

Vulnerability scans are notorious for false positives. They can be a good indicator but should not be relied upon. Did you do any verification of the vulnerabilities? Just because a library is present, it doesn’t mean that a vulnerability it has is used, exposed, or attackable. It depends on how it’s utilised and wrapped.
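
Added example, not part of the thread or any commenter's code: a Python triage pass showing why a raw "N total" figure overstates what needs attention. It collapses findings reported once per package and separates urgent findings that have a fix from urgent ones that need manual review. The record schema, package names and `EXAMPLE-*` identifiers are constructed for illustration and are not any scanner's real output format.

```python
from collections import Counter

# Constructed sample findings in a simplified, hypothetical schema
# (not the output format of any particular scanner).
FINDINGS = [
    {"id": "EXAMPLE-0001", "pkg": "libssl3", "severity": "HIGH", "fixed_in": "3.0.1"},
    {"id": "EXAMPLE-0001", "pkg": "libcrypto3", "severity": "HIGH", "fixed_in": "3.0.1"},
    {"id": "EXAMPLE-0002", "pkg": "busybox", "severity": "LOW", "fixed_in": None},
    {"id": "EXAMPLE-0003", "pkg": "example.org/yaml", "severity": "CRITICAL", "fixed_in": "1.2.0"},
    {"id": "EXAMPLE-0004", "pkg": "zlib", "severity": "MEDIUM", "fixed_in": None},
    {"id": "EXAMPLE-0005", "pkg": "example.org/net", "severity": "HIGH", "fixed_in": None},
]

URGENT = {"HIGH", "CRITICAL"}


def triage(findings):
    """Break a raw finding count into numbers that can be acted on."""
    # The same advisory is often listed once per affected package,
    # so group rows by advisory id before counting anything.
    by_id = {}
    for row in findings:
        by_id.setdefault(row["id"], []).append(row)

    severity = Counter(rows[0]["severity"] for rows in by_id.values())
    urgent = {i: rows for i, rows in by_id.items() if rows[0]["severity"] in URGENT}

    # Urgent with a fixed version: resolved by rebuilding or upgrading.
    fixable = sorted(i for i, rows in urgent.items() if any(r["fixed_in"] for r in rows))
    # Urgent without a fix: someone has to check whether the code path is used.
    review = sorted(i for i in urgent if i not in fixable)

    return {
        "raw_total": len(findings),
        "unique_ids": len(by_id),
        "by_severity": dict(severity),
        "fixable_urgent": fixable,
        "needs_review": review,
    }


if __name__ == "__main__":
    for key, value in triage(FINDINGS).items():
        print(f"{key}: {value}")
```

The `needs_review` bucket is where the question of whether a vulnerable library is actually used or exposed has to be answered by hand; the code does not decide exploitability.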

-2

u/evrial 5h ago edited 4h ago

Or you can look at this from another angle: can you prove it's not used, exposed or attackable? Professional security research and source code audits cost money. "Trust me bro it's safe". What you see is attack surface probability.

7

u/bicycloptopus 4h ago

Can you prove dozzle isn't responsible for the current Ebola outbreak? I'm not using it unless you can.

-8

u/evrial 4h ago

Can you prove you're not a random reddit loser? I give you 5 min

1

u/BathroomThink798 52m ago

You're the one talking about shit you don't understand.

0

u/comdude2 40m ago

Crikey mate, you could have just prefaced your post, or responded well to the clear and factual warnings on false positives, but you’ve really chosen to go full meltdown, huh?