cbcvebase.
CVE-2014-0048
published 2020-01-02

CVE-2014-0048: An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.

critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.

Affected

11 ranges
VendorProductVersion rangeFixed in
apachegeode
debiandocker.io< docker.io 1.6.0+dfsg1-1 (bookworm)docker.io 1.6.0+dfsg1-1 (bookworm)
docker.iodocker.io
docker.iodocker.io>= 0 < 1.6.0+dfsg1-11.6.0+dfsg1-1
docker.iodocker.io>= 0 < 1.6.0+dfsg1-11.6.0+dfsg1-1
docker.iodocker.io>= 0 < 1.6.0+dfsg1-11.6.0+dfsg1-1
docker.iodocker.io>= 0 < 1.6.0+dfsg1-11.6.0+dfsg1-1
dockerdocker< 1.5.01.5.0
msrccbl_mariner_1.0_arm
msrccbl_mariner_1.0_x64
msrccm1_moby-buildx_0.4.1+azure-3_on_cbl_mariner_1.0

CVSS provenance

nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL