CVE-2014-0047Insecure Temporary File in Docker.io

CWE-377Insecure Temporary File7 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 71.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Debian Docker.ioDockerMsrc CBL Mariner 1.0 ARM+2 more
Timeline
PublishedOct 6
Latest updateMay 17

Description

Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages5 packages

debiandebian/docker.io< docker.io 1.6.0+dfsg1-1 (bookworm)
NVDdocker/docker1.4.1

🔴Vulnerability Details

2
GHSA
GHSA-c3q7-gppj-rw4w: Docker before 12022-05-17
OSV
CVE-2014-0047: Docker before 12017-10-06

📋Vendor Advisories

3
Microsoft
Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage.2017-10-10
Red Hat
Docker: multiple temporary file creation vulnerabilities2015-03-24
Debian
CVE-2014-0047: docker.io - Docker before 1.5 allows local users to have unspecified impact via vectors invo...2014

💬Community

1
Bugzilla
CVE-2014-0047 Docker: multiple temporary file creation vulnerabilities2014-02-11