CVE-2019-14271

ADVISORY - github

Summary

In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.

EPSS Score⁠: 0.72198 (0.987)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-665⁠

Improper Initialization

ADVISORY - github

CWE-665⁠

Improper Initialization

CWE-94⁠

Improper Control of Generation of Code ('Code Injection')

ADVISORY - gitlab

CWE-1035⁠

OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

CWE-665⁠

Improper Initialization

CWE-937⁠

OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

CWE-94⁠

Improper Control of Generation of Code ('Code Injection')

ADVISORY - redhat

CWE-426⁠

Untrusted Search Path

Impacted images

Advisories

NIST

CREATED

6 years ago

UPDATED

1 year ago

ADVISORY IDCVE-2019-14271⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-665⁠

CVSS SCORE

9.8critical

GitHub

CREATED

4 years ago

UPDATED

2 years ago

ADVISORY IDGHSA-v2cv-wwxq-qq97⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-665⁠CWE-94⁠

CVSS SCORE

9.3critical

Alpine

CREATED

6 years ago

UPDATED

7 hours ago

ADVISORY IDCVE-2019-14271⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Debian

CREATED

6 years ago

UPDATED

18 days ago

ADVISORY IDCVE-2019-14271⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Ubuntu

CREATED

6 years ago

UPDATED

10 months ago

ADVISORY IDCVE-2019-14271⁠

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8medium

GoLang

CREATED

2 years ago

UPDATED

2 years ago

ADVISORY IDGO-2024-2521⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

GitLab

CREATED

4 years ago

UPDATED

2 years ago

ADVISORY ID

CVE-2019-14271

EXPLOITABILITY SCORE

3.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-1035⁠CWE-665⁠CWE-937⁠CWE-94⁠

CVSS SCORE

9.8critical

Red Hat

CREATED

6 years ago

UPDATED

12 days ago

ADVISORY IDCVE-2019-14271⁠

EXPLOITABILITY SCORE

1.6

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-426⁠

CVSS SCORE

8.3high

Oracle

CREATED

6 years ago

UPDATED

6 years ago

ADVISORY IDELSA-2019-4827⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Ahigh

Photon

CREATED

1 year ago

UPDATED

3 months ago

ADVISORY ID

CVE-2019-14271

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

9.8critical