DirectorySecurity Advisories
Sign In
Security Advisories

CGA-5qj7-7993-254x

Published

Last updated

https://images.chainguard.dev/security/CGA-5qj7-7993-254x
Package

docker

Latest Update
Not affected
Aliases
  • CVE-2014-9358
  • GHSA-qmmc-jppf-32wv

Severity

6.5

Medium

CVSS V3

Summary

Directory Traversal in Docker

Description

Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation