CVE-2018-15514 is a vulnerability in Docker
Published on September 1, 2018

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.

NVD

Products Associated with CVE-2018-15514

Want to know whenever a new CVE is published for Docker? stack.watch will email you.

Docker

Exploit Probability

EPSS

3.18%

Percentile

86.98%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-15514 is a vulnerability in DockerPublished on September 1, 2018

Products Associated with CVE-2018-15514

Exploit Probability

CVE-2018-15514 is a vulnerability in Docker
Published on September 1, 2018