CVE-2014-3499 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-3499 PUBLISHED

Reported by redhat · Published July 11, 2014

Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
wolfi	docker	*
github.com	docker/docker	0, 0
chainguard	docker	*
n/a	n/a	n/a, n/a

Timeline

Jul 11, 2014 CVE Published
Feb 4, 2022 EPSS Score
Feb 15, 2022 CVE Updated
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score

References

x_refsource_CONFIRM
RHSA-2014:0820 vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2014-3499 advisory
https://github.com/docker/docker/commit/707ef9618b3b26a0534a0af732a22f159eccfaa5 patch
https://rhn.redhat.com/errata/RHSA-2014-0820.html url
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3499 advisory
https://github.com/advisories/GHSA-wxj3-qwv4-cvfm advisory

Open in Interactive Console →