VYPR
Moderate severityNVD Advisory· Published Dec 16, 2014· Updated Jun 17, 2026

CVE-2014-9358

CVE-2014-9358

Description

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/docker/dockerGo
< 1.3.21.3.2

Affected products

43

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.