VYPR
Moderate severityNVD Advisory· Published May 18, 2015· Updated Jun 17, 2026

CVE-2015-3627

CVE-2015-3627

Description

Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/docker/dockerGo
< 1.6.11.6.1

Affected products

46

Patches

Vulnerability mechanics

References

11

News mentions

0

No linked articles in our index yet.