Approved changes feed: RSS · Atom
cpe:2.3:a:docker:docker:17.11.0:win40:*:*:community:windows:*:*
part: a version: 17.11.0 update: win40
| Vendor | Docker (fb312c2d-be4d-5919-b619-61409dcafa2c) |
|---|---|
| Product | Docker (c8c9d969-271a-5fc1-a74d-e1a37f1d19cf) |
| Edition | * |
| Language | * |
| Software edition | community |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/docker |
purl2cpe | 2026-06-01 10:13:11.125094 |
pkg:deb/ubuntu/docker |
purl2cpe | 2026-06-01 10:13:11.125095 |
pkg:github/docker/docker-install |
purl2cpe | 2026-06-01 10:13:11.125097 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-15514 |
vulnerable | 2026-06-03 14:38:13.891172 |
Details available
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
Published: 2018-09-01T01:00:00.000Z
Updated: 2024-08-05T09:54:03.679Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.