CVSS: 7.5EPSS: 0%CPEs: 27EXPL: 1CVE-2019-16884 – runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc
https://notcve.org/view.php?id=CVE-2019-16884
25 Sep 2019 — runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. runc versiones hasta 1.0.0-rc8, como es usado en Docker versiones hasta 19.03.2-ce y otros productos, permite omitir la restricción de AppArmor porque el archivo libcontainer/rootfs_linux.go comprueba incorrectamente los destinos de montaje y, por lo tanto,... • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html • CWE-41: Improper Resolution of Path Equivalence CWE-863: Incorrect Authorization •
CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 2CVE-2019-15752 – Docker Desktop Community Edition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-15752
28 Aug 2019 — Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command. Docker Desktop Community Edition antes de 2.1.0.1 permite a los usuarios locales obtener privilegios al colocar un archivo trojan horse docker-credential-wincred... • https://packetstorm.news/files/id/157404 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 1CVE-2019-13139 – Debian Security Advisory 4521-1
https://notcve.org/view.php?id=CVE-2019-13139
22 Aug 2019 — In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the underlying "git clone" command, leading to code execution in the context of the user executing the "docker build" command. This occurs because git ref can be misinterpreted as a flag. En Docker versiones anteriores a 18.09.4, un ata... • https://access.redhat.com/errata/RHBA-2019:3092 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10342
https://notcve.org/view.php?id=CVE-2019-10342
11 Jul 2019 — A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in various 'fillCredentialsIdItems' methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. Una falta de comprobación de permisos en el Plugin Docker versión 1.1.6 y anteriores de Jenkins en varios métodos 'fillCredentialsIdItems', permitieron a los usuarios con acceso General y de Lectura enumerar los ID de credenciales almacenadas en Jenkins. • http://www.openwall.com/lists/oss-security/2019/07/11/4 • CWE-862: Missing Authorization •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10341
https://notcve.org/view.php?id=CVE-2019-10341
11 Jul 2019 — A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Una falta de comprobación de permisos en el Plugin Docker versión 1.1.6 y anteriores de Jenkins en el archivo DockerAPI.DescriptorImpl#doTestConnection, permitió a los usuarios con acceso General y de Le... • http://www.openwall.com/lists/oss-security/2019/07/11/4 • CWE-862: Missing Authorization •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-10340
https://notcve.org/view.php?id=CVE-2019-10340
11 Jul 2019 — A cross-site request forgery vulnerability in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Una vulnerabilidad de tipo cross-site request forgery en el Plugin Docker versión 1.1.6 y anteriores de Jenkins en el archivo DockerAPI.DescriptorImpl#doTestConnection, permitió a los usu... • http://www.openwall.com/lists/oss-security/2019/07/11/4 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 9.3EPSS: 0%CPEs: 43EXPL: 39CVE-2019-5736 – runc < 1.0-rc6 (Docker < 18.09.2) - Container Breakout
https://notcve.org/view.php?id=CVE-2019-5736
11 Feb 2019 — runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/sel... • https://packetstorm.news/files/id/165197 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-672: Operation on a Resource after Expiration or Release •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5282
https://notcve.org/view.php?id=CVE-2014-5282
06 Feb 2018 — Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'. Docker, en versiones anteriores a la 1.3, no valida correctamente los ID de imagen, lo que permite que atacantes remotos redireccionen a otra imagen mediante la carga de imágenes no fiables utilizando "docker load". • https://bugzilla.redhat.com/show_bug.cgi?id=1168436 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0CVE-2017-14992
https://notcve.org/view.php?id=CVE-2017-14992
01 Nov 2017 — Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing. Una falta de verificación en Docker-CE (también conocido como Moby), en versiones 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0 y anteriores, permite que un atacante remoto provoque una denegación de servic... • https://blog.cloudpassage.com/2017/10/13/discovering-docker-cve-2017-14992 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-0047
https://notcve.org/view.php?id=CVE-2014-0047
06 Oct 2017 — Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. Las versiones anteriores a la 1.5 de Docker permiten que los usuarios locales provoquen un impacto sin especificar mediante vectores relacionados con el uso no seguro de /tmp. • http://www.openwall.com/lists/oss-security/2015/03/24/23 •