Lucene search
K

9 matches found

OSV
OSV
added 2026/05/19 11:8 p.m.11 views

MAL-2026-4606 Malicious code in martinez-polygon-clipping-tony (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dabf04b2f99e28eb10740bd7459bf64513fac98a064b60071b1e7aabf8674dd0 Package name impersonates the legitimate martinez-polygon-clipping library: README, badges, and API surface are copied verbatim, while repository...

5.7AI score
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2021/07/16 12:0 a.m.6 views

Docker before 1.3.3 does not properly validate image IDs which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."

...

6.4CVSS7AI score0.02527EPSS
Exploits0
OSV
OSV
added 2014/12/16 6:59 p.m.2 views

DEBIAN-CVE-2014-9358

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...

6.4CVSS7.3AI score0.02527EPSS
Exploits0References1
OSV
OSV
added 2014/12/16 6:59 p.m.4 views

UBUNTU-CVE-2014-9358

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...

6.4CVSS7.1AI score0.02527EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2014/12/16 6:59 p.m.21 views

CVE-2014-9358

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...

6.4CVSS7.1AI score0.02527EPSS
Exploits0References2
CVE
CVE
added 2014/12/16 6:0 p.m.86 views

CVE-2014-9358

Docker before 1.3.3 is affected by CVE-2014-9358: it does not properly validate image IDs, enabling remote attackers to perform path traversal and spoof repositories via crafted images in docker load or during registry communications. Affected product: Docker engine up to 1.3.3 (CVE-2014-9358). R...

6.4CVSS8.1AI score0.02527EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2014/12/16 12:0 a.m.4 views

PT-2014-8958 · Docker +1 · Docker +1

Name of the Vulnerable Software and Affected Versions: Docker versions prior to 1.3.3 Description: The issue allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a "docker load" operation or "registry communications." This is due to improper...

10CVSS5.9AI score0.06452EPSS
Exploits1References32
Tenable Nessus
Tenable Nessus
added 2014/12/15 12:0 a.m.34 views

Amazon Linux AMI : docker (ALAS-2014-461)

Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both archive extraction and through...

10CVSS7.7AI score0.06452EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2014/12/10 11:38 a.m.6 views

docker: Path traversal and spoofing opportunities presented through image identifiers

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a 1 "docker load" operation or 2 "registry communications."...

6.4CVSS7.2AI score0.02527EPSS
Exploits0References5
Rows per page
Query Builder