High severity7.8NVD Advisory· Published Nov 13, 2017· Updated Jun 17, 2026
CVE-2017-14388
CVE-2017-14388
Description
Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the grootfs volume cache. For example, this could allow an attacker to provide an image layer that GrootFS would consider to be the Ubuntu base layer.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
28cpe:2.3:a:pivotal_software:grootfs:0.10.0:*:*:*:*:*:*:*+ 27 more
- cpe:2.3:a:pivotal_software:grootfs:0.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.15.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.16.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.17.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.17.1:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.18.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.19.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.20.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.21.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.24.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.25.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.26.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.27.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.28.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.28.1:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.29.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:pivotal_software:grootfs:0.9.0:*:*:*:*:*:*:*
- (no CPE)range: <0.30.0
Patches
Vulnerability mechanics
References
1- www.cloudfoundry.org/cve-2017-14388/nvdIssue TrackingVendor Advisory
News mentions
0No linked articles in our index yet.