CVE-2014-6407

Опубликовано: 12 дек. 2014

Источник: debian

Описание

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
docker.io	fixed	1.3.2~dfsg1-1		package

Связанные уязвимости

CVE-2014-6407

ubuntu

около 11 лет назад

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

CVE-2014-6407

redhat

около 11 лет назад

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

CVE-2014-6407

nvd

около 11 лет назад

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

CVE-2014-6407

msrc

больше 4 лет назад

Описание отсутствует

GHSA-5qgp-p5jc-w2rm

CVSS3: 7.3

github

почти 4 года назад

Arbitrary Code Execution in Docker