Search CVE reports
51 – 52 of 52 results
CVE-2014-5277
Medium prioritySome fixes available 1 of 2
Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by...
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | — | — | — | Not affected |
CVE-2014-3499
High priorityDocker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.
1 affected packages
docker.io
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
docker.io | — | — | — | — | Not affected |