CVE-2016-8867

Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
dockerdocker
1.12.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
docker.io
bullseye
20.10.5+dfsg1-1+deb11u2
fixed
bullseye (security)
20.10.5+dfsg1-1+deb11u3
fixed
bookworm
20.10.24+dfsg1-1
fixed
sid
26.1.5+dfsg1-4
fixed
trixie
26.1.5+dfsg1-4
fixed
runc
bullseye
1.0.0~rc93+ds1-5+deb11u5
fixed
bullseye (security)
1.0.0~rc93+ds1-5+deb11u3
fixed
bookworm
1.1.5+ds1-1+deb12u1
fixed
bookworm (security)
1.1.5+ds1-1+deb12u1
fixed
trixie
1.1.12+ds1-5.1
fixed
sid
1.1.15+ds1-1
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/94228
http://www.securitytracker.com/id/1037203
https://www.docker.com/docker-cve-database
http://www.securityfocus.com/bid/94228
http://www.securitytracker.com/id/1037203
https://www.docker.com/docker-cve-database