Back to search

CVE-2016-8867

HIGH
7.5NVD

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.

CVSS v3.0 Score

7.5
/ 10.0
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Information

Published
28 oct. 2016
Updated
12 avr. 2025
Status
Deferred
Source
cve@mitre.org

Affected products

docker dockerAll Docker CVEs →
Versions : 1.12.2

Weaknesses (CWE)

CWE-264

References (6)

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring