Lucene search
RedhatCVELIST:CVE-2014-8178HistoryDec 04, 2019 - 3:05 p.m.
CVE-2014-8178
2019-12-0415:05:02
redhat
www.cve.org
2
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.
CNA Affected
[
{
"product": "Docker Engine",
"vendor": "Docker",
"versions": [
{
"status": "affected",
"version": "before 1.8.3"
}
]
},
{
"product": "CS Docker Engine",
"vendor": "Docker",
"versions": [
{
"status": "affected",
"version": "before 1.6.2-CS7"
}
]
}
]References
Related
cbl_mariner
cbl_mariner
CVE-2014-8178 affecting package moby-buildx 0.4.1-3
2021-07-08 21:56:42
ubuntucve
ubuntucve
CVE-2014-8178
2019-12-17 00:00:00
nvd
nvd
CVE-2014-8178
2019-12-17 14:15:16
cve
cve
CVE-2014-8178
2019-12-17 14:15:16
veracode
veracode
Image Cache Poisoning
2019-12-18 02:22:04
prion
prion
Command injection
2019-12-17 14:15:00
debiancve
debiancve
CVE-2014-8178
2019-12-17 14:15:16
oraclelinux
oraclelinux
docker-engine security update
2015-10-14 00:00:00
suse
suse
Security update for docker (important)
2015-10-15 13:26:51
nessus
nessus
openSUSE Security Update : docker (openSUSE-2015-666)
2015-10-19 00:00:00
openSUSE Security Update : docker (openSUSE-2015-792)
2015-11-24 00:00:00
Oracle Linux 6 / 7 : docker-engine (ELSA-2015-3085)
2015-10-15 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:1757-1)
2021-06-09 00:00:00
Docker < 1.8.3 Multiple Vulnerabilities
2021-09-08 00:00:00
Mageia: Security Advisory (MGASA-2016-0043)
2016-02-08 00:00:00
mageia
mageia
Updated docker/golang packages fix security vulnerability
2016-02-05 20:26:09