CVE-2014-8178

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 do not use a globally unique identifier to store image layers, which makes it easier for attackers to poison the image cache via a crafted image in pull or push commands.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:docker:cs_engine:*:*:*:*:*:*:*:*
cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-12-17 14:15

Updated : 2024-02-28 17:28


NVD link : CVE-2014-8178

Mitre link : CVE-2014-8178

CVE.ORG link : CVE-2014-8178


JSON object : View

Products Affected

docker

  • cs_engine
  • docker

opensuse

  • opensuse
CWE
CWE-20

Improper Input Validation