Lucene search
Redhat.comRH:CVE-2019-13139HistoryJul 23, 2019 - 10:51 p.m.
CVE-2019-13139
2019-07-2322:51:45
redhat.com
access.redhat.com
8
0.003 Low
EPSS
Percentile
68.5%
A command injection flaw was discovered in Docker during the docker build command. By providing a specially crafted path argument for the container to build, it is possible to inject command options to the git fetch/git checkout commands that are executed by Docker and to execute code with the privileges of the user running Docker. A local attacker who can run docker build with a controlled build path, or a remote attacker who has control over the docker build path, could elevate their privileges or execute code.
Related
cbl_mariner
cbl_mariner
CVE-2019-13139 affecting package moby-buildx 0.4.1-3
2021-07-08 21:56:42
cvelist
cvelist
CVE-2019-13139
2019-08-22 19:47:43
veracode
veracode
Command Injection
2019-07-25 07:17:26
nvd
nvd
CVE-2019-13139
2019-08-22 20:15:12
cve
cve
CVE-2019-13139
2019-08-22 20:15:12
ubuntucve
ubuntucve
CVE-2019-13139
2019-08-22 00:00:00
debiancve
debiancve
CVE-2019-13139
2019-08-22 20:15:12
osv
osv
CVE-2019-13139
2019-08-22 20:15:12
docker.io - security update
2019-09-09 00:00:00
openvas
openvas
Docker < 18.09.4 RCE Vulnerability
2019-08-27 00:00:00
Debian: Security Advisory (DSA-4521-1)
2019-09-11 00:00:00
prion
prion
Command injection
2019-08-22 20:15:00
nessus
nessus
Photon OS 2.0: Docker PHSA-2020-2.0-0235
2020-05-05 00:00:00
Photon OS 3.0: Docker PHSA-2020-3.0-0085
2020-05-06 00:00:00
Oracle Linux 7 : docker-engine (ELSA-2019-4813)
2023-09-07 00:00:00
amazon
amazon
Medium: docker
2019-11-04 18:12:00
oraclelinux
oraclelinux
docker-engine security update
2019-10-03 00:00:00
debian
debian
[SECURITY] [DSA 4521-1] docker.io security update
2019-09-09 20:55:48
photon
photon
Important Photon OS Security Update - PHSA-2020-0085
2020-05-02 00:00:00
Important Photon OS Security Update - PHSA-2020-3.0-0085
2020-05-02 00:00:00
kitploit
kitploit