Docker is vulnerable to directory traversal. The code in daemon/archive.go does not perform archive operations on a frozen filesystem or from within a chroot, which allows an attacker to perform a symlink-exchange attack using the docker cp command. The result is arbitrary read-write access to the host filesystem with root privileges.
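
The following is an added example, not Docker's code and not its fix. It shows a third defensive technique besides the freeze and chroot named above: resolving a container-relative path by descriptor, one component at a time, so that a symlink swapped in during resolution is refused rather than followed. The helper name openBeneath and the command-line usage are assumptions made for illustration, and the code is Linux-only.

```go
package main

import (
	"fmt"
	"io"
	"log"
	"os"
	"path/filepath"
	"strings"
	"syscall"
)

// openBeneath (hypothetical helper, Linux only) walks rel under root with one
// openat(2) per component; O_NOFOLLOW turns any symlink component into an
// error, including one swapped in after an earlier check.
func openBeneath(root, rel string) (*os.File, error) {
	const dir = syscall.O_RDONLY | syscall.O_DIRECTORY | syscall.O_CLOEXEC
	fd, err := syscall.Open(root, dir, 0) // root itself is a trusted host path
	if err != nil {
		return nil, err
	}
	// Clean against "/" so ".." is resolved lexically, never by the kernel.
	isSep := func(r rune) bool { return r == '/' }
	parts := strings.FieldsFunc(filepath.Clean("/"+rel), isSep)
	for i, name := range parts {
		flags := dir | syscall.O_NOFOLLOW // intermediate: real directory only
		if i == len(parts)-1 {
			flags = syscall.O_RDONLY | syscall.O_NOFOLLOW | syscall.O_CLOEXEC
		}
		next, err := syscall.Openat(fd, name, flags, 0)
		syscall.Close(fd) // the child descriptor replaces its parent
		if err != nil {
			return nil, fmt.Errorf("refusing %q at %q: %w", rel, name, err)
		}
		fd = next
	}
	return os.NewFile(uintptr(fd), filepath.Join(root, rel)), nil
}

func main() {
	if len(os.Args) != 3 {
		log.Fatal("usage: beneath ROOT RELPATH")
	}
	f, err := openBeneath(os.Args[1], os.Args[2])
	if err != nil {
		log.Fatal(err)
	}
	io.Copy(os.Stdout, f)
}
```

Because every step operates on a descriptor already held, there is no window between resolving a path string and using it, which is the window a symlink exchange relies on.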