VYPR
High severityNVD Advisory· Published Dec 16, 2014· Updated Jun 17, 2026

CVE-2014-9357

CVE-2014-9357

Description

Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/docker/dockerGo
< 1.3.31.3.3

Affected products

43

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.