← Back

Boot2docker

boot2docker

Vendor: Boot2docker • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2014-5280
1Boot2docker
1Boot2docker
Nov 21, 2024
Feb 6, 2018
N/A· v4
8.8 HIGH· v3
9.3 HIGH· v2
boot2docker 1.2 and earlier allows attackers to conduct cross-site request forgery (CSRF) attacks by leveraging Docker daemons enabling TCP connections without TLS authentication.
CVE-2014-5279
1Boot2docker
1Boot2docker
Nov 21, 2024
Feb 6, 2018
N/A· v4
8.8 HIGH· v3
9.0 HIGH· v2
The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from childre...Show more
The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers.Show less