CVE-2014-5282

Опубликовано: 06 фев. 2018

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5.5

CVSS3: 8.1

Описание

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

Релиз	Статус	Примечание
devel	not-affected	1.3.0~dfsg1-1
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [1.6.2~dfsg1-1ubuntu4~14.04.1]]
esm-infra/xenial	not-affected	1.3.0~dfsg1-1
lucid	DNE
precise	DNE
precise/esm	DNE
trusty	not-affected	1.6.2~dfsg1-1ubuntu4~14.04.1
trusty/esm	DNE	trusty was not-affected [1.6.2~dfsg1-1ubuntu4~14.04.1]
upstream	released	1.3.0~dfsg1-1
utopic	ignored	end of life

Показывать по

Ссылки на источники

https://www.cve.org/CVERecord?id=CVE-2014-5282

EPSS

Процентиль: 62%

0.00436

Низкий

5.5 Medium

CVSS2

8.1 High

CVSS3

Связанные уязвимости

CVE-2014-5282

redhat

больше 10 лет назад

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

CVE-2014-5282

CVSS3: 8.1

nvd

больше 7 лет назад

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

CVE-2014-5282

CVSS3: 8.1

msrc

почти 4 года назад

Описание отсутствует

CVE-2014-5282

CVSS3: 8.1

debian

больше 7 лет назад

Docker before 1.3 does not properly validate image IDs, which allows r ...

GHSA-68xv-f463-9gx3

CVSS3: 8.1

github

около 3 лет назад

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

EPSS

Процентиль: 62%

0.00436

Низкий

5.5 Medium

CVSS2

8.1 High

CVSS3

CVE-2014-5282

Описание

Пакет docker.io

Ссылки на источники

Связанные уязвимости