5 matches found
Docker for Windows stable < 18.06.0-ce-win70 / edge < 18.06.0-ce-rc3-win68 Remote Privilege Escalation Vulnerability
The version of Docker for Windows installed on the remote Windows host is stable channel 18.06.0-ce-win70 or edge channel 18.06.0-ce-rc3-win68. It is, therefore, affected by a remote privilege escalation vulnerability. C Tenable Network Security, Inc. include'compat.inc'; if description...
Docker for Windows Privilege Escalation Vulnerability (Aug 2018)
Docker for Windows is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2018-15514
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 edge and before 18.06.0-ce-win72 stable deserialized requests over the \.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users"...
CVE-2018-15514
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 edge and before 18.06.0-ce-win72 stable deserialized requests over the \.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users"...
CVE-2018-15514
Docker for Windows is affected by CVE-2018-15514 due to HandleRequestAsync deserialization of untrusted data over the dockerBackend NamedPipe, allowing local privilege escalation to SYSTEM for users in the docker-users group. Affected builds are stable < 18.06.0-ce-win70 and edge