Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-3630

Опубликовано: 18 мая 2015
Источник: ubuntu
Приоритет: medium
CVSS2: 7.2

Описание

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

РелизСтатусПримечание
devel

not-affected

1.13.1-0ubuntu4
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was released [1.6.2~dfsg1-1ubuntu4~14.04.1]]
esm-infra/xenial

released

1.6.2~dfsg1-1ubuntu4
precise

DNE

precise/esm

DNE

trusty

released

1.6.2~dfsg1-1ubuntu4~14.04.1
trusty/esm

DNE

trusty was released [1.6.2~dfsg1-1ubuntu4~14.04.1]
upstream

released

1.6.1
utopic

ignored

end of life
vivid

ignored

end of life

Показывать по

Ссылки на источники

7.2 High

CVSS2

Связанные уязвимости

redhat логотип

CVE-2015-3630

redhat
больше 10 лет назад

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

nvd логотип

CVE-2015-3630

nvd
больше 10 лет назад

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

msrc логотип

CVE-2015-3630

msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2015-3630

debian
больше 10 лет назад

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, ...

github логотип

GHSA-8fvr-5rqf-3wwh

CVSS3: 8.4
github
больше 3 лет назад

Information Exposure in Docker Engine

7.2 High

CVSS2