Lucene search
Veracode Vulnerability DatabaseVERACODE:4164HistoryMay 03, 2017 - 8:53 a.m.
Remote Code Execution (RCE)
2017-05-0308:53:24
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
0.014 Low
EPSS
Percentile
86.6%
github.com/docker/docker is vulnerable to remote code execution (RCE) attacks. This allows attackers to execute code with root privileges through an image or build in a Dockerfile in an LZMA (.xz) archive.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/docker/docker | eq | HEAD | |
| github.com/docker/docker | eq | 1.3.2 |
References
www.securityfocus.com/archive/1/534215/100/0/threaded
github.com/docker/docker/compare/aef842e7dfb534aba22c3c911de525ce9ac12b72...313a1b7620910e47d888f8b0a6a5eb06ad9c1ff2
groups.google.com/forum/#!msg/docker-user/nFAz-B-n4Bw/0wr3wvLsnUwJ
groups.google.com/forum/#%21msg/docker-user/nFAz-B-n4Bw/0wr3wvLsnUwJ
Related
nvd
nvd
CVE-2014-9357
2014-12-16 18:59:15
osv
osv
Arbitrary Code Execution
2022-02-15 01:57:18
cve
cve
CVE-2014-9357
2014-12-16 18:59:15
cvelist
cvelist
CVE-2014-9357
2014-12-16 18:00:00
prion
prion
Code injection
2014-12-16 18:59:00
debiancve
debiancve
CVE-2014-9357
2014-12-16 18:59:15
github
github
Arbitrary Code Execution
2022-02-15 01:57:18
ubuntucve
ubuntucve
CVE-2014-9357
2014-12-16 00:00:00
redhat
redhat
(RHSA-2015:0623) Low: docker security, bug fix, and enhancement update
2015-03-05 00:00:00
securityvulns
securityvulns
Docker 1.3.3 - Security Advisory [11 Dec 2014]
2014-12-22 00:00:00
Docker multiple security vulnerabilities
2014-12-22 00:00:00
nessus
nessus
Oracle Linux 6 / 7 : docker (ELSA-2014-3110)
2015-01-02 00:00:00
RHEL 7 : docker (RHSA-2015:0623)
2015-03-05 00:00:00
Fedora 20 : docker-io-1.4.1-6.fc20 (2015-1128)
2015-01-26 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-461)
2015-09-08 00:00:00
Oracle: Security Advisory (ELSA-2014-3110)
2015-10-06 00:00:00
Docker < 1.3.3 Multiple Vulnerabilities
2021-09-08 00:00:00
archlinux
archlinux
docker: multiple issues
2014-12-15 00:00:00
oraclelinux
oraclelinux
docker security update
2014-12-30 00:00:00
amazon
amazon
Critical: docker
2014-12-11 16:40:00
fedora
fedora
[SECURITY] Fedora 21 Update: docker-io-1.4.0-1.fc21
2014-12-15 04:32:25
[SECURITY] Fedora 20 Update: docker-io-1.4.1-6.fc20
2015-01-26 02:35:37