8 matches found
Docker < 1.6.1 Multiple Vulnerabilities
Docker is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2015-3630 affecting package moby-buildx 0.4.1-3
CVE-2015-3630 affecting package moby-buildx 0.4.1-3. An upgraded version of the package is available that resolves this issue...
SUSE: Security Advisory (SUSE-SU-2015:0984-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Docker and Python as used in IBM QRadar SIEM is vulnerable to various CVEs.
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2016-3697 DESCRIPTION: Docker could allow a local attacker to gain elevated privileges on the system, caused by an error in...
Amazon Linux: Security Advisory (ALAS-2015-522)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES12 Security Update : docker (SUSE-SU-2015:0984-1)
The Linux container runtime environment Docker was updated to version 1.6.2 to fix several security and non-security issues. - Security : - Fix read/write /proc paths. CVE-2015-3630 - Prohibit VOLUME /proc and VOLUME /. CVE-2015-3631 - Fix opening of file-descriptor 1. CVE-2015-3627 - Fix symlink...
openSUSE Security Update : docker (openSUSE-2015-365)
docker was updated to version 1.6.1 to fix several security and non-security issues. - Updated to version 1.6.1 2015-05-07 bnc930235 - Security - Fix read/write /proc paths CVE-2015-3630 - Prohibit VOLUME /proc and VOLUME / CVE-2015-3631 - Fix opening of file-descriptor 1 CVE-2015-3627 - Fix...
CVE-2015-3630
Docker Engine prior to 1.6.1 is vulnerable to CVE-2015-3630 due to weak permissions on /proc paths (/proc/asound, /proc/timer_stats, /proc/latency_stats, /proc/fs). This lets a local attacker modify the host, access sensitive information, and, via a crafted image, enable protocol downgrade attack...