Lucene search
DellCVELIST:CVE-2017-14388HistoryNov 13, 2017 - 5:00 p.m.
CVE-2017-14388
2017-11-1317:00:00
dell
www.cve.org
4
EPSS
0.001
Percentile
30.9%
Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer.
CNA Affected
[
{
"product": "GrootFS release GrootFS release 0.3.x versions prior to 0.30.0",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "GrootFS release GrootFS release 0.3.x versions prior to 0.30.0"
}
]
}
]References
Related
nvd
nvd
CVE-2017-14388
2017-11-13 17:29:00
prion
prion
Design/Logic Flaw
2017-11-13 17:29:00
cloudfoundry
cloudfoundry
CVE-2017-14388: GrootFS doesn't validate DiffIDs | Cloud Foundry
2017-11-09 00:00:00
osv
osv
CVE-2017-14388
2017-11-13 17:29:00
cve
cve
CVE-2017-14388
2017-11-13 17:29:00