Linux Distros Unpatched Vulnerability : CVE-2016-4383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause...

SUSE CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

Docker < 1.3.3 Multiple Vulnerabilities

Docker is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

UBUNTU-CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

CVE-2016-4383

An immutability flaw was discovered in openstack-glance, where the glance-manage DB allows deleted image IDs to be reassigned. The flaw could be exploited to allow remote authenticated users to cause other users to boot into a malicious image without knowing it. Mitigation For this flaw to be...

DEBIAN-CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

UBUNTU-CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

CVE-2016-4383

The glance-manage db in all versions of HPE Helion Openstack Glance allows deleted image ids to be reassigned, which allows remote authenticated users to cause other users to boot into a modified image without notification of the change...

CVE-2016-4383

CVE-2016-4383 affects the OpenStack image service component in HPE Helion OpenStack Glance. The vulnerability lies in the glance-manage database, where deleted image IDs can be reassigned. This can allow remote authenticated users to cause other users to boot into a modified image without notific...

Directory Traversal

github.com/docker/docker is vulnerable to path traversal attacks and spoofed repositories. These attacks are possible because Docker fails to correctly validate image IDs when using docker load or register communications...

SUSE SLES12 Security Update : docker (SUSE-SU-2015:0082-1)

This docker version upgrade fixes the following security and non security issues, and adds the also additional features : - Updated to 1.4.1 2014-12-15 : - Runtime : - Fix issue with volumes-from and bind mounts not being honored after create fixes bnc913213 - Added e2fsprogs as runtime dependenc...

openSUSE Security Update : docker (openSUSE-SU-2014:1722-1)

This docker version update fixes the following security and non security issues and adds additional features. - Updated to 1.4.0 2014-12-11 : - Notable Features since 1.3.0 : - Set key=value labels to the daemon displayed in docker info, applied with new -label daemon flag - Add support for ENV i...

Path traversal

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...

Critical: docker

Issue Overview: Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both archive...