CVE-2014-6407
12.12.2014, 15:59
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
| Vendor | Product | Version |
|---|---|---|
| docker | docker | 𝑥 ≤ 1.3.1 |
| docker | docker | 1.0.0 |
| docker | docker | 1.3.0 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References