CVE-2014-5282

Опубликовано: 16 окт. 2014

Источник: redhat

CVSS2: 1.2

EPSS Низкий

Описание

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 7	docker	Affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1168436docker: tagging image to ID can redirect images on subsequent pulls

EPSS

Процентиль: 61%

0.00414

Низкий

1.2 Low

CVSS2

Связанные уязвимости

CVE-2014-5282

CVSS3: 8.1

ubuntu

почти 8 лет назад

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

CVE-2014-5282

CVSS3: 8.1

nvd

почти 8 лет назад

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

CVE-2014-5282

CVSS3: 8.1

msrc

больше 4 лет назад

Описание отсутствует

CVE-2014-5282

CVSS3: 8.1

debian

почти 8 лет назад

Docker before 1.3 does not properly validate image IDs, which allows r ...

GHSA-68xv-f463-9gx3

CVSS3: 8.1

github

больше 3 лет назад

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

EPSS

Процентиль: 61%

0.00414

Низкий

1.2 Low

CVSS2