fkie_cve-2018-15664
Vulnerability from fkie_nvd
Published
2019-05-23 14:29
Modified
2024-11-21 03:51
Severity ?
Summary
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| docker | docker | 17.06.0-ce | |
| docker | docker | 17.06.0-ce | |
| docker | docker | 17.06.0-ce | |
| docker | docker | 17.06.0-ce | |
| docker | docker | 17.06.0-ce | |
| docker | docker | 17.06.0-ce | |
| docker | docker | 17.06.1-ce | |
| docker | docker | 17.06.1-ce | |
| docker | docker | 17.06.1-ce | |
| docker | docker | 17.06.1-ce | |
| docker | docker | 17.06.1-ce | |
| docker | docker | 17.06.2-ce | |
| docker | docker | 17.06.2-ce | |
| docker | docker | 17.07.0-ce | |
| docker | docker | 17.07.0-ce | |
| docker | docker | 17.07.0-ce | |
| docker | docker | 17.07.0-ce | |
| docker | docker | 17.07.0-ce | |
| docker | docker | 17.09.0-ce | |
| docker | docker | 17.09.0-ce | |
| docker | docker | 17.09.0-ce | |
| docker | docker | 17.09.0-ce | |
| docker | docker | 17.09.1-ce | |
| docker | docker | 17.09.1-ce- | |
| docker | docker | 17.10.0-ce | |
| docker | docker | 17.10.0-ce | |
| docker | docker | 17.10.0-ce | |
| docker | docker | 17.11.0-ce | |
| docker | docker | 17.11.0-ce | |
| docker | docker | 17.11.0-ce | |
| docker | docker | 17.11.0-ce | |
| docker | docker | 17.11.0-ce | |
| docker | docker | 17.12.0-ce | |
| docker | docker | 17.12.0-ce | |
| docker | docker | 17.12.0-ce | |
| docker | docker | 17.12.0-ce | |
| docker | docker | 17.12.0-ce | |
| docker | docker | 17.12.1-ce | |
| docker | docker | 17.12.1-ce | |
| docker | docker | 17.12.1-ce | |
| docker | docker | 18.01.0-ce | |
| docker | docker | 18.01.0-ce | |
| docker | docker | 18.02.0-ce | |
| docker | docker | 18.02.0-ce | |
| docker | docker | 18.02.0-ce | |
| docker | docker | 18.03.0-ce | |
| docker | docker | 18.03.0-ce | |
| docker | docker | 18.03.0-ce | |
| docker | docker | 18.03.0-ce | |
| docker | docker | 18.03.0-ce | |
| docker | docker | 18.03.1-ce | |
| docker | docker | 18.03.1-ce | |
| docker | docker | 18.03.1-ce | |
| docker | docker | 18.04.0-ce | |
| docker | docker | 18.04.0-ce | |
| docker | docker | 18.04.0-ce | |
| docker | docker | 18.05.0-ce | |
| docker | docker | 18.05.0-ce | |
| docker | docker | 18.06.0-ce | |
| docker | docker | 18.06.0-ce | |
| docker | docker | 18.06.0-ce | |
| docker | docker | 18.06.0-ce | |
| docker | docker | 18.06.1-ce | |
| docker | docker | 18.06.1-ce |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "03ED214E-B35E-4269-AB60-DC153D84A7EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "23DC417C-741C-4B54-AC05-695266F837BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "EA9CEEEF-FA4C-466B-B06A-409B412911CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "1D56B684-9D21-456D-AEAF-681FE4AF34DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc4:*:*:community:*:*:*",
"matchCriteriaId": "6AC3E4B6-3D75-408D-B3CD-0E5FC83DC303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc5:*:*:community:*:*:*",
"matchCriteriaId": "1BA3AC1D-E044-4F3F-A880-9D57E6247D3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "ADFFCF49-C72C-4122-8035-D56FBDF36EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "A07F31B1-0471-4496-98E8-3D50D62A9376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "157499DF-2A7E-4615-9F6B-383F998D45D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "426A1B51-9C0C-4E2E-AD7B-F2C9C2F90DC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc4:*:*:community:*:*:*",
"matchCriteriaId": "BA3C59E2-4528-498B-B77A-CCDB9E1F2EC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.2-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "FF0BFEAD-83C4-43C3-AF7F-B07E623027CA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.06.2-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "90446BD3-E1E0-4FF0-8617-635C1428206C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "346B183E-B29A-4D11-A5EB-B4263AE2A930",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "0E3245D9-EE7C-48C6-ADA7-D09BAC758335",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "06067BD7-BF28-4C3C-8AA4-33AE91D1A08D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "2AA91357-976E-4E58-933F-3B5053E44AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc4:*:*:community:*:*:*",
"matchCriteriaId": "08DBC6A3-AFC6-4D34-B2C6-E7557A9BAC55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "0CDFF197-1317-4E9A-89AC-42A347E92CB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "DBA8D554-BA26-4440-83C1-623B02B9378A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "444F283F-E95D-4885-88E9-552846EB34B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "F0C3E0C2-B036-49CE-99DF-7243AFFD23D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.09.1-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "443E631B-4D7D-4C45-8A64-6C98DD18D286",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.09.1-ce-:rc1:*:*:community:*:*:*",
"matchCriteriaId": "CDE4D9DF-794E-4ACB-88D4-866F1D333B72",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.10.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "3332E705-364B-4CFE-8EFE-791191DD6D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.10.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "CB5190C1-B7B3-4CA5-8B04-7C4C29952687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.10.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "7926C680-46ED-49FE-9000-A2CCD61CF6EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "B7C29495-0403-4D11-9687-249DCD60536B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "9CFCE477-6B5C-43B2-BA05-2D4B8C18168A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "62A4CEB1-4053-4508-9FE7-0D23A61CEE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "A3BC6153-1036-4A2B-8E6B-CCCBE9866641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc4:*:*:community:*:*:*",
"matchCriteriaId": "EB4E8414-1B6C-457E-8C1D-19D962FEF212",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "A4FE190B-896E-4CFD-AD14-B8F990F6C2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "03558F57-4DB4-42A1-8FFF-E32455F14D43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "BD7FE2CE-D564-4B0F-A86C-3D9D8ADB4209",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "CE6482EC-8B28-4EBA-8D31-444AF20CDF45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc4:*:*:community:*:*:*",
"matchCriteriaId": "2B6895B8-84E0-4796-9BE6-F560F78B6F09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.1-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "2476F29C-9011-4040-B45B-ABEA9D9B989A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.1-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "BA34377A-7FAF-489F-967C-592F4DDAA395",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:17.12.1-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "F5981E01-90F2-4950-BDCC-049B8CF11BF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.01.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "6A67CC6A-5DFF-4EC8-AD89-CBE61D5B1E86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.01.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "417A41D1-95F5-4F11-A84A-80EFB5470FDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.02.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "E6EFF14F-CD0B-4AC6-95F8-AEAAE0AFC9F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.02.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "749D44D3-0800-452D-B617-16533AFCDB9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.02.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "BFDB4066-4966-45DA-886B-83B4DA10E5DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "A632A32E-83CC-4643-A92E-4B853772B1E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "74447A87-49F6-40E9-B42B-4DD10915FD5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "850F9B89-B19C-4334-B188-ED9B30E4858F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "DC41D120-BB84-497B-8E14-4242DA34336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc4:*:*:community:*:*:*",
"matchCriteriaId": "D3A6BC7B-16B3-4C38-884F-F3D58D02DCB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.1-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "76C71530-639E-4E9A-B74F-0D046E0F1A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.1-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "B1C17446-B119-483F-8BB2-80DBE1CD28C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.03.1-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "D5DEED51-DDC3-40CA-8FDA-59462492BEA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.04.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "CF279FD4-58D4-4272-AC14-DE9D79D88BE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.04.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "749AA8E0-2F98-424C-9A0D-9F91987F3A5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.04.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "E5C31E97-B350-457C-9EBE-CD9DEC94D818",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.05.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "DE28CE42-3EB2-4032-BEE6-C87C65551B94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.05.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "2704A6EF-A030-4B3F-8160-EE1F4B401E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:*:*:*:community:*:*:*",
"matchCriteriaId": "18C4AB1B-79B0-4F1B-A80D-B4F16C49BFF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "A48C808D-7B04-457F-9724-1694696773CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "D20E4F37-3E9E-4A42-8E6A-7888776B2C5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:rc3:*:*:community:*:*:*",
"matchCriteriaId": "6CBB326E-A337-4047-B332-E12EB6F00E1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.06.1-ce:rc1:*:*:community:*:*:*",
"matchCriteriaId": "F2A1AE6D-371D-4876-90B7-0B8D62D5AFB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:docker:docker:18.06.1-ce:rc2:*:*:community:*:*:*",
"matchCriteriaId": "D2AF3BE5-8C7B-4F4C-A381-59DFF1B5233A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Docker through 18.06.1-ce-rc2, the API endpoints behind the \u0027docker cp\u0027 command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot)."
},
{
"lang": "es",
"value": "En Docker hasta la versi\u00f3n 18.06.1-ce-rc2, los endpoints API debajo del comando \u0027docker cp\u0027 son vulnerables a un ataque de de tipo symlink-exchange con salto de directorio, dando a los atacantes acceso arbitrario de lectura-escritura al sistema de archivos del host con privilegios de root, porque daemon/archive.go no genera operaciones de archivo en un filesystem congelado (o desde dentro de una operaci\u00f3n chroot)."
}
],
"id": "CVE-2018-15664",
"lastModified": "2024-11-21T03:51:14.130",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 1.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-05-23T14:29:07.453",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00066.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/05/28/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2019/08/21/1"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108507"
},
{
"source": "cve@mitre.org",
"url": "https://access.redhat.com/errata/RHSA-2019:1910"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1096726"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/moby/moby/pull/39252"
},
{
"source": "cve@mitre.org",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664"
},
{
"source": "cve@mitre.org",
"url": "https://usn.ubuntu.com/4048-1/"
},
{
"source": "nvd@nist.gov",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-15664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00066.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/05/28/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2019/08/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/108507"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://access.redhat.com/errata/RHSA-2019:1910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=1096726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/moby/moby/pull/39252"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/4048-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…