10 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-8178
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for...
CVE-2014-8178 affecting package moby-buildx 0.4.1-3
CVE-2014-8178 affecting package moby-buildx 0.4.1-3. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2015:1757-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2014-8178
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands...
UBUNTU-CVE-2014-8178
Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands...
CVE-2014-8178
CVE-2014-8178 affects Docker Engine prior to 1.8.3 and CS Docker Engine prior to 1.6.2-CS7. The root cause is failure to use globally unique identifiers to store image layers, enabling an attacker to poison the image cache via crafted images in pull or push operations. Mitigation: upgrade to the ...
Mageia: Security Advisory (MGASA-2016-0043)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : docker (openSUSE-2015-666)
Docker was updated to 1.8.3 to fix two security issues. The following vulnerabilities were fixed : - CVE-2014-8178: layer IDs lead to local graph poisoning boo949660 - CVE-2014-8179: manifest validation and parsing logic errors allow pull-by-digest validation bypass In addition, the following...
Oracle Linux 6 / 7 : docker-engine (ELSA-2015-3085)
The remote Oracle Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2015-3085 advisory. - Fix layer IDs lead to local graph poisoning CVE-2014-8178 - Fix manifest validation and parsing logic errors allow pull-by-digest validation bypa...
Oracle: Security Advisory (ELSA-2015-3085)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...