Vulnerabilities > Redhat > Docker
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-06 | CVE-2015-1843 | Improper Input Validation vulnerability in Redhat Docker 1.5.027 The Red Hat docker package before 1.5.0-28, when using the --add-registry option, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and obtain authentication and image data by leveraging a network position between the client and the registry to block HTTPS traffic. | 4.3 |