Lucene search
K

93 matches found

UbuntuCve
UbuntuCve
added 2014/12/16 6:59 p.m.26 views

CVE-2014-9357

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted 1 image or 2 build in a Dockerfile in an LZMA .xz archive, related to the chroot for archive extraction...

10CVSS7.5AI score0.06452EPSS
Exploits0References2
CVE
CVE
added 2014/12/16 6:0 p.m.85 views

CVE-2014-9358

Docker before 1.3.3 is affected by CVE-2014-9358: it does not properly validate image IDs, enabling remote attackers to perform path traversal and spoof repositories via crafted images in docker load or during registry communications. Affected product: Docker engine up to 1.3.3 (CVE-2014-9358). R...

6.4CVSS8.1AI score0.02527EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2014/12/12 3:59 p.m.18 views

Design/Logic Flaw

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image...

5CVSS7.2AI score0.03138EPSS
Exploits0References6Affected Software1
UbuntuCve
UbuntuCve
added 2014/12/12 3:59 p.m.33 views

CVE-2014-6408

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image...

5CVSS7.1AI score0.03138EPSS
Exploits0References1
CVE
CVE
added 2014/12/12 3:0 p.m.81 views

CVE-2014-6407

CVE-2014-6407 affects Docker up to 1.3.2, where attackers could write arbitrary files and execute code via a symlink or hard link attack in an image archive during pull or load. Evidence from connected docs shows fixed in the openSUSE/SUSE docker 1.3.2 update (docker-docker-stable forks) addressi...

7.5CVSS8.2AI score0.04909EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2014/12/12 3:0 p.m.28 views

CVE-2014-6407

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a 1 symlink or 2 hard link attack in an image archive in a a pull or b load operation...

7.5CVSS8AI score0.04909EPSS
Exploits0
Cvelist
Cvelist
added 2014/12/12 3:0 p.m.39 views

CVE-2014-6408

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image...

8.1AI score0.03138EPSS
Exploits0References6
NVD
NVD
added 2014/07/11 2:55 p.m.26 views

CVE-2014-3499

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors...

7.2CVSS6.3AI score0.00393EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2014/07/11 2:55 p.m.32 views

CVE-2014-3499

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors...

7.2CVSS7.1AI score0.00393EPSS
Exploits1References1
Cvelist
Cvelist
added 2014/07/11 2:0 p.m.35 views

CVE-2014-3499

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors...

6.2AI score0.00393EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2014/07/11 2:0 p.m.26 views

CVE-2014-3499

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors...

7.2CVSS7.5AI score0.00393EPSS
Exploits1
Exploit DB
Exploit DB
added 2014/06/18 12:0 a.m.38 views

Docker 0.11 - VMM-Container Breakout

/ shocker: docker PoC VMM-container breakout C 2014 Sebastian Krahmer Demonstrates that any given docker image someone is asking you to run in your docker setup can access ANY file on your host, e.g. dumping hosts /etc/shadow or other sensitive info, compromising security of the host and any othe...

7.4AI score
Exploits0
0day.today
0day.today
added 2014/06/18 12:0 a.m.42 views

docker 0.11 VMM-container Breakout

Exploit for linux platform in category local exploits / shocker: docker PoC VMM-container breakout C 2014 Sebastian Krahmer Demonstrates that any given docker image someone is asking you to run in your docker setup can access ANY file on your host, e.g. dumping hosts /etc/shadow or other sensitiv...

6.8AI score
Exploits0
Rows per page
Query Builder