CVE-2014-6407

Опубликовано: 12 дек. 2014

Источник: debian

EPSS Низкий

Описание

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
docker.io	fixed	1.3.2~dfsg1-1		package

EPSS

Процентиль: 90%

0.05577

Низкий

Связанные уязвимости

CVE-2014-6407

ubuntu

больше 10 лет назад

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

CVE-2014-6407

redhat

больше 10 лет назад

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

CVE-2014-6407

nvd

больше 10 лет назад

Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.

CVE-2014-6407

msrc

почти 4 года назад

Описание отсутствует

GHSA-5qgp-p5jc-w2rm

CVSS3: 7.3

github

больше 3 лет назад

Arbitrary Code Execution in Docker

EPSS

Процентиль: 90%

0.05577

Низкий