Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.

  • Published: Feb 6, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2014-5282
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 8.1
  • AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5.5
  • AV:N/AC:L/Au:S/C:P/I:P/A:N

CWEs:

Software From Fixed in
docker / docker - 1.3