Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Docker before 1.3.3 does not properly validate image IDs, which allows remote attackers to conduct path traversal attacks and spoof repositories via a crafted image in a (1) "docker load" operation or (2) "registry communications."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Docker 目录遍历漏洞
Vulnerability Description
Docker是美国Docker公司的一款开源的应用容器引擎,它支持在Linux系统上创建一个容器(轻量级虚拟机)并部署和运行应用程序,以及通过配置文件实现应用程序的自动化安装、部署和升级。 Docker 1.3.3之前版本中存在安全漏洞,该漏洞源于程序没有正确验证图像ID。远程攻击者可借助‘docker load’操作或‘registry communications’中特制的图像利用该漏洞实施路径遍历攻击,伪造存储库。
CVSS Information
N/A
Vulnerability Type
N/A