CVE-2014-9356Path Traversal in Docker Docker

CWE-22Path Traversal12 documents8 sources
Severity
8.6HIGHNVD
EPSS
1.0%
top 22.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Docker DockerDocker
Timeline
PublishedDec 2
Latest updateAug 21

Description

Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or (2) build in a Dockerfile.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:NExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

NVDdocker/docker< 1.3.3

🔴Vulnerability Details

5
OSV
Path Traversal in Docker in github.com/docker/docker2024-08-21
GHSA
Path Traversal in Docker2021-05-18
OSV
Path Traversal in Docker2021-05-18
OSV
CVE-2014-9356: Path traversal vulnerability in Docker before 12019-12-02
CVEList
CVE-2014-9356: Path traversal vulnerability in Docker before 12019-12-02

📋Vendor Advisories

3
Microsoft
Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to write to arbitrary files and bypass a container protection mechanism via a full pathname in a symlink in an (1) image or 2019-12-10
Red Hat
docker: Path traversal during processing of absolute symlinks2014-12-11
Debian
CVE-2014-9356: docker.io - Path traversal vulnerability in Docker before 1.3.3 allows remote attackers to w...2014

💬Community

3
Bugzilla
CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [epel-6]2014-12-11
Bugzilla
CVE-2014-9357 CVE-2014-9356 CVE-2014-9358 docker-io: various flaws [fedora-all]2014-12-11
Bugzilla
CVE-2014-9356 docker: Path traversal during processing of absolute symlinks2014-12-10
CVE-2014-9356 — Path Traversal in Docker Docker | cvebase