CVE-2014-8179

Posted on by admin

CVE-2014-8179

Docker Engine before 1.8.3 and CS Docker Engine before 1.6.2-CS7 does not properly validate and extract the manifest object from its JSON representation during a pull, which allows attackers to inject new attributes in a JSON object and bypass pull-by-digest validation.

Source: CVE-2014-8179

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다