CVE-2014-0048

critical

Description

An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.

References

https://security-tracker.debian.org/tracker/CVE-2014-0048

https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2014-0048

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0048

https://access.redhat.com/security/cve/cve-2014-0048

http://www.openwall.com/lists/oss-security/2015/03/24/23

http://www.openwall.com/lists/oss-security/2015/03/24/22

http://www.openwall.com/lists/oss-security/2015/03/24/18

Details

Source: Mitre, NVD

Published: 2020-01-02

Updated: 2023-03-01

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical