CVE-2014-0048
9.8
CRITICAL
CVSS 3.1
EPSS 3.3%
Description
An issue was found in Docker before 1.6.0. Some programs and scripts in Docker are downloaded via HTTP and then executed or used in unsafe ways.
How to fix CVE-2014-0048
To remediate CVE-2014-0048, upgrade the affected package to a fixed version below.
- Debian/docker.io—upgrade to 1.6.0+dfsg1-1 or later
Is CVE-2014-0048 being exploited?
Low — EPSS is 3.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.6.0+dfsg1-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | CRITICAL9.8 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |