CVE-2017-14992
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-14992
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Docker-CE 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Docker-CE(又名Moby)是一套在容器中安装系统的框架。 Docker-CE中存在安全漏洞,该漏洞源于程序没有执行内容验证。远程攻击者可利用该漏洞造成拒绝服务。以下版本受到影响:Docker-CE 1.12.6-0版本,1.10.3版本,17.03.0版本,17.03.1版本,17.03.2版本,17.06.0版本,17.06.1版本,17.06.2版本,17.09.0及之前的版本。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2017-14992
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-14992
请登录查看更多情报信息。
- https://github.com/moby/moby/issues/35075x_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2017-14992
Same Patch Batch · n/a · 2017-11-01 · 21 CVEs total
| CVE-2017-1000243 | CloudBees Jenkins Favorite插件安全漏洞 | |
| CVE-2017-16248 | Perl Catalyst-Plugin-Static-Simple模块安全漏洞 | |
| CVE-2017-16244 | OctoberCMS 跨站请求伪造漏洞 | |
| CVE-2017-15535 | MongoDB 安全漏洞 | |
| CVE-2017-14376 | EMC AppSync Server 安全漏洞 | |
| CVE-2017-14375 | 多款EMC产品安全漏洞 | |
| CVE-2017-14027 | 多款Korenix产品安全漏洞 | |
| CVE-2017-14021 | 多款Korenix产品安全漏洞 | |
| CVE-2017-1000245 | CloudBees Jenkins SSH插件安全漏洞 | |
| CVE-2017-1000244 | CloudBees Jenkins Favorite插件跨站请求伪造漏洞 | |
| CVE-2017-1000121 | WebKit和WebKitGTK+ 安全漏洞 | |
| CVE-2017-1000242 | CloudBees Jenkins Git Client插件安全漏洞 | |
| CVE-2017-16353 | GraphicsMagick 信息泄露漏洞 | |
| CVE-2017-16352 | GraphicsMagick 缓冲区错误漏洞 | |
| CVE-2017-16359 | radare 安全漏洞 | |
| CVE-2017-16358 | radare 缓冲区错误漏洞 | |
| CVE-2017-16357 | radare 缓冲区错误漏洞 | |
| CVE-2017-15918 | Sera 安全漏洞 | |
| CVE-2017-15566 | SchedMD Slurm 安全漏洞 | |
| CVE-2017-1000122 | WebKit和WebKitGTK+ 安全漏洞 |
IV. Related Vulnerabilities
V. Comments for CVE-2017-14992
No comments yet