GitHub Advisory DatabaseGHSA-GFH2-7JG5-653PDenial of Service in docker2aci
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.001 Low
EPSS
Percentile
22.9%
docker2aci <= 0.12.3 has an infinite loop when handling local images with cyclic dependency chain.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/appc/docker2aci | lt | 0.13.0 |
References
github.com/advisories/GHSA-gfh2-7jg5-653p
github.com/appc/docker2aci/issues/203
github.com/appc/docker2aci/pull/204/commits/54331ec7020e102935c31096f336d31f6400064f
github.com/appc/docker2aci/releases/tag/v0.13.0
nvd.nist.gov/vuln/detail/CVE-2016-8579
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8579
www.securityfocus.com/bid/93560
Related
2.1 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
0.001 Low
EPSS
Percentile
22.9%