VYPR
High severityNVD Advisory· Published May 18, 2015· Updated Jun 17, 2026

CVE-2015-3630

CVE-2015-3630

Description

Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/docker/dockerGo
>= 1.6.0, < 1.6.11.6.1

Affected products

23

Patches

Vulnerability mechanics

References

14

News mentions

0

No linked articles in our index yet.