Описание
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.3.1 (включая)
Одно из
cpe:2.3:a:docker:docker:*:*:*:*:*:*:*:*
cpe:2.3:a:docker:docker:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:docker:docker:1.3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05577
Низкий
7.5 High
CVSS2
Дефекты
CWE-59
Связанные уязвимости
ubuntu
больше 10 лет назад
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
redhat
больше 10 лет назад
Docker before 1.3.2 allows remote attackers to write to arbitrary files and execute arbitrary code via a (1) symlink or (2) hard link attack in an image archive in a (a) pull or (b) load operation.
debian
больше 10 лет назад
Docker before 1.3.2 allows remote attackers to write to arbitrary file ...
EPSS
Процентиль: 90%
0.05577
Низкий
7.5 High
CVSS2
Дефекты
CWE-59