CVE-2014-6408

MEDIUM

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.

CVSS v2.0 Score

5.0

/ 10.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N

Information

Published: 12 déc. 2014
Updated: 12 avr. 2025
Status: Deferred
Source: cve@mitre.org

Affected products

docker dockerAll Docker CVEs →

Versions : 1.3.0, 1.3.1

Weaknesses (CWE)

CWE-264

References (12)

http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145154.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00009.html
http://secunia.com/advisories/60171
http://secunia.com/advisories/60241
http://www.openwall.com/lists/oss-security/2014/11/24/5
https://docs.docker.com/v1.3/release-notes/
Vendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145154.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00009.html
http://secunia.com/advisories/60171
http://secunia.com/advisories/60241
http://www.openwall.com/lists/oss-security/2014/11/24/5
https://docs.docker.com/v1.3/release-notes/
Vendor Advisory

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring