VDB
GCVE-110-MAGEIA-2016-43
GCVE-110-MAGEIA-2016-43
Advisory Published
Manipulated layer IDs could have lead to local graph poisoning
(CVE-2014-8178).
Manifest validation and parsing logic errors allowed pull-by-digest
validation bypass (CVE-2014-8179).
To fix these issues, the golang package has been updated to version 1.4.3
and the docker package has been updated to version 1.9.1.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | clipgrab | 0 (affected), 3.5.6-1.mga5 (unaffected) | — |
| Mageia | golang | 0 (affected), 1.4.3-1.mga5 (unaffected), 0 (affected), 1.4.3-1.mga5 (unaffected) | — |
| Mageia | docker | 0 (affected), 1.9.1-1.mga5 (unaffected), 0 (affected), 1.9.1-1.mga5 (unaffected) | — |
Aliases
References
Browse GCVE Records
72,337 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.