Описание
Command injection in docker-tester
OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.
Пакеты
Наименование
docker-tester
npm
Затронутые версииВерсия исправления
<= 1.2.1
Отсутствует
Связанные уязвимости
CVSS3: 9.8
nvd
больше 3 лет назад
OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the 'ports' entry of a crafted docker-compose.yml file.