Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cnvdChina National Vulnerability DatabaseCNVD-2021-90310
HistoryNov 24, 2021 - 12:00 a.m.

Docker code injection vulnerability

2021-11-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
docker
code injection
vulnerability
container engine
linux systems
configuration files
operating system commands
cnvd

EPSS

0.016

Percentile

87.7%

JSON

Docker is an open source application container engine from the U.S. company Docker. The product supports creating a container (lightweight virtual machine) and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrade of applications through configuration files. docker cli-js is vulnerable to code injection, which stems from a vulnerability if the command parameter of the Docker.command method can be at least partially controlled by the user. An attacker could exploit this vulnerability to execute arbitrary operating system commands on the host system.

Related

github 1
veracode 1
nvd 1
cve 1
prion 1
cvelist 1
github
github
OS Command injection in docker-cli-js
2021-12-02 17:51:22
veracode
veracode
Arbitrary Code Execution
2021-11-23 10:39:29
nvd
nvd
CVE-2021-23732
2021-11-22 17:15:08
cve
cve
CVE-2021-23732
2021-11-22 17:15:08
prion
prion
Command injection
2021-11-22 17:15:00
cvelist
cvelist
CVE-2021-23732 Arbitrary Code Execution
2021-11-22 17:00:16

EPSS

0.016

Percentile

87.7%

JSON
Related for CNVD-2021-90310
github1veracode1nvd1cve1prion1cvelist1