CVE-2016-8867

Опубликовано: 28 окт. 2016

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.

Ссылки

http://www.securityfocus.com/bid/94228
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037203
https://www.docker.com/docker-cve-database
Vendor Advisory
http://www.securityfocus.com/bid/94228
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1037203
https://www.docker.com/docker-cve-database
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:docker:docker:1.12.2:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00367

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2016-8867

CVSS3: 7.5

redhat

больше 9 лет назад

CVE-2016-8867

CVSS3: 7.5

debian

больше 9 лет назад

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured c ...

openSUSE-SU-2016:3009-1

suse-cvrf

около 9 лет назад

Security update for containerd, docker, runc

SUSE-SU-2016:3084-1

suse-cvrf

около 9 лет назад

Security update for Docker and dependencies

SUSE-SU-2025:03545-1

suse-cvrf

4 месяца назад

Security update for docker-stable

EPSS

Процентиль: 58%

0.00367

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-264