Vulnerability Database

310,710

Total vulnerabilities in the database

CVE-2014-6408

Docker 1.3.0 through 1.3.1 allows remote attackers to modify the default run profile of image containers and possibly bypass the container by applying unspecified security options to an image.

Published: Dec 12, 2014
Updated: Nov 9, 2025
CVE: CVE-2014-6408
GHSA: GHSA-44gg-pmqr-4669
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-264
CWE-285

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
docker / docker	1.3.0	1.3.0.x
docker / docker	1.3.1	1.3.1.x
github.com/docker/docker	1.3.0	1.3.2

http://lists.fedoraproject.org/pipermail/package-announce/2014-December/145154.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00009.html
http://secunia.com/advisories/60171
http://secunia.com/advisories/60241
http://www.openwall.com/lists/oss-security/2014/11/24/5
https://docs.docker.com/v1.3/release-notes/
https://github.com/docker/docker/commit/c9379eb3fbbc484c056f5a5e49d8d0b755a29c45
https://lists.fedoraproject.org/pipermail/package-announce/2014-December/145154.html
https://lists.opensuse.org/opensuse-security-announce/2014-12/msg00009.html
https://secunia.com/advisories/60171
https://secunia.com/advisories/60241
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6408
https://www.openwall.com/lists/oss-security/2014/11/24/5

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo