CVEs-PoC/2014/CVE-2014-8179.md at 9822fb37735000bda8766c00a6155fb6da059fd1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-12 21:42:20 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation.

POC

Reference

https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/

Github

https://github.com/xxg1413/docker-security

995 B Raw Blame History

CVE-2014-8179

Description

POC

Reference

Github

995 B

Raw Blame History