VYPR
High severity7.8NVD Advisory· Published Nov 13, 2017· Updated Jun 17, 2026

CVE-2017-14388

CVE-2017-14388

Description

Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

28
  • cpe:2.3:a:pivotal_software:grootfs:0.10.0:*:*:*:*:*:*:*+ 27 more
    • cpe:2.3:a:pivotal_software:grootfs:0.10.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.11.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.12.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.13.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.14.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.15.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.16.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.17.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.17.1:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.18.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.19.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.20.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.21.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.24.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.25.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.26.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.27.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.28.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.28.1:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.29.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:pivotal_software:grootfs:0.9.0:*:*:*:*:*:*:*
    • (no CPE)range: <0.30.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.