rpm package
opensuse/docker-stable&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/docker-stable&distro=openSUSE%20Tumbleweed
Vulnerabilities (53)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-9962 | Med | 6.4 | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Jan 31, 2017 | RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to conta | |
| CVE-2016-8867 | Hig | 7.5 | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Oct 28, 2016 | Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes. | |
| CVE-2016-3697 | Hig | 7.8 | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Jun 1, 2016 | libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. | |
| CVE-2015-3631 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | May 18, 2015 | Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc. | ||
| CVE-2015-3630 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | May 18, 2015 | Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image. | ||
| CVE-2015-3629 | Hig | 7.8 | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | May 18, 2015 | Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container. | |
| CVE-2015-3627 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | May 18, 2015 | Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image. | ||
| CVE-2014-9358 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Dec 16, 2014 | Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications." | ||
| CVE-2014-9357 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Dec 16, 2014 | Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction. | ||
| CVE-2014-6408 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Dec 12, 2014 | Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image. | ||
| CVE-2014-6407 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Dec 12, 2014 | Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation. | ||
| CVE-2014-5277 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Nov 17, 2014 | Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and | ||
| CVE-2014-3499 | — | < 24.0.9_ce-15.1 | 24.0.9_ce-15.1 | Jul 11, 2014 | Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors. |
- affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to conta
- affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
- affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.
- CVE-2015-3631May 18, 2015affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker Engine before 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.
- CVE-2015-3630May 18, 2015affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker Engine before 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.
- affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
- CVE-2015-3627May 18, 2015affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Libcontainer and Docker Engine before 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
- CVE-2014-9358Dec 16, 2014affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."
- CVE-2014-9357Dec 16, 2014affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker 1.3.2 allows remote attackers to execute arbitrary code with root privileges via a crafted (1) image or (2) build in a Dockerfile in an LZMA (.xz) archive, related to the chroot for archive extraction.
- CVE-2014-6408Dec 12, 2014affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.
- CVE-2014-6407Dec 12, 2014affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
- CVE-2014-5277Nov 17, 2014affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and
- CVE-2014-3499Jul 11, 2014affected < 24.0.9_ce-15.1fixed 24.0.9_ce-15.1
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.
Page 3 of 3