github.com/docker/docker is vulnerable to path traversal attacks. These attacks are possible due to a flaw in the processing of absolute symlinks. The flaw allows attackers to use malicious images and builds to write files to the host system and escape containerization, possibly leading to privilege escalation.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/docker/docker | eq | HEAD | |
github.com/docker/docker | le | 1.3.2 |