Lucene search
GoogleOSV:GHSA-997C-FJ8J-RQ5HHistoryFeb 15, 2022 - 1:57 a.m.
Arbitrary Code Execution
2022-02-1501:57:18
Google
osv.dev
10
0.014 Low
EPSS
Percentile
86.6%
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/docker/docker | lt | 1.3.3 |
References
www.securityfocus.com/archive/1/534215/100/0/threaded
github.com/docker/docker/compare/aef842e7dfb534aba22c3c911de525ce9ac12b72...313a1b7620910e47d888f8b0a6a5eb06ad9c1ff2
github.com/moby/moby/blob/master/CHANGELOG.md#133-2014-12-11
groups.google.com/forum/#!msg/docker-user/nFAz-B-n4Bw/0wr3wvLsnUwJ
groups.google.com/forum/#%21msg/docker-user/nFAz-B-n4Bw/0wr3wvLsnUwJ
nvd.nist.gov/vuln/detail/CVE-2014-9357
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9357
Related
veracode
veracode
Remote Code Execution (RCE)
2017-05-03 08:53:24
nvd
nvd
CVE-2014-9357
2014-12-16 18:59:15
cve
cve
CVE-2014-9357
2014-12-16 18:59:15
cvelist
cvelist
CVE-2014-9357
2014-12-16 18:00:00
prion
prion
Code injection
2014-12-16 18:59:00
debiancve
debiancve
CVE-2014-9357
2014-12-16 18:59:15
github
github
Arbitrary Code Execution
2022-02-15 01:57:18
ubuntucve
ubuntucve
CVE-2014-9357
2014-12-16 00:00:00
redhat
redhat
(RHSA-2015:0623) Low: docker security, bug fix, and enhancement update
2015-03-05 00:00:00
securityvulns
securityvulns
Docker 1.3.3 - Security Advisory [11 Dec 2014]
2014-12-22 00:00:00
Docker multiple security vulnerabilities
2014-12-22 00:00:00
nessus
nessus
Oracle Linux 6 / 7 : docker (ELSA-2014-3110)
2015-01-02 00:00:00
RHEL 7 : docker (RHSA-2015:0623)
2015-03-05 00:00:00
Fedora 20 : docker-io-1.4.1-6.fc20 (2015-1128)
2015-01-26 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-461)
2015-09-08 00:00:00
Oracle: Security Advisory (ELSA-2014-3110)
2015-10-06 00:00:00
Docker < 1.3.3 Multiple Vulnerabilities
2021-09-08 00:00:00
archlinux
archlinux
docker: multiple issues
2014-12-15 00:00:00
oraclelinux
oraclelinux
docker security update
2014-12-30 00:00:00
amazon
amazon
Critical: docker
2014-12-11 16:40:00
fedora
fedora
[SECURITY] Fedora 21 Update: docker-io-1.4.0-1.fc21
2014-12-15 04:32:25
[SECURITY] Fedora 20 Update: docker-io-1.4.1-6.fc20
2015-01-26 02:35:37