Vulnerabilities > Docker > Docker > 1.3.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-06-01 | CVE-2016-3697 | Permissions, Privileges, and Access Controls vulnerability in multiple products libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. | 2.1 |
2014-12-12 | CVE-2014-6408 | Permissions, Privileges, and Access Controls vulnerability in Docker 1.3.0/1.3.1 Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image. | 5.0 |
2014-12-12 | CVE-2014-6407 | Link Following vulnerability in Docker Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation. | 7.5 |