Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

51 – 53 of 53 results

CVE-2014-6407

Medium priority
Ignored

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

1 affected packages

docker.io

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
docker.io Not affected
Show less packages

CVE-2014-5277

Medium priority

Some fixes available 1 of 2

Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by...

1 affected packages

docker.io

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
docker.io Not affected
Show less packages

CVE-2014-3499

High priority
Ignored

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

1 affected packages

docker.io

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
docker.io Not affected
Show less packages
  1. Previous page
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. Next page
Export to JSON