{"id":"GHSA-wxj3-qwv4-cvfm","summary":"Privilege Escalation in Docker","details":"Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.","aliases":["CVE-2014-3499","GO-2022-0752"],"modified":"2026-02-04T02:58:24.638310Z","published":"2022-02-15T00:40:44Z","related":["CGA-h77p-6vvg-x8v4"],"database_specific":{"severity":"HIGH","cwe_ids":["CWE-269"],"github_reviewed":true,"github_reviewed_at":"2021-05-20T21:10:59Z","nvd_published_at":"2014-07-11T14:55:00Z"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2014-3499"},{"type":"WEB","url":"https://github.com/docker/docker/commit/707ef9618b3b26a0534a0af732a22f159eccfaa5"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1111687"},{"type":"WEB","url":"https://rhn.redhat.com/errata/RHSA-2014-0820.html"},{"type":"WEB","url":"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3499"},{"type":"WEB","url":"http://rhn.redhat.com/errata/RHSA-2014-0820.html"}],"affected":[{"package":{"name":"github.com/docker/docker","ecosystem":"Go","purl":"pkg:golang/github.com/docker/docker"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.0.1"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-wxj3-qwv4-cvfm/GHSA-wxj3-qwv4-cvfm.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}