Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in
Docker incorrectly allowed the docker cp command to make permissions
changes in the host filesystem in some situations. A local attacker
could possibly use to this to expose sensitive information or gain
administrative privileges.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 21.04 | noarch | docker.io | < 20.10.7-0ubuntu1~21.04.2 | UNKNOWN |
Ubuntu | 21.04 | noarch | docker-doc | < 20.10.7-0ubuntu1~21.04.2 | UNKNOWN |
Ubuntu | 21.04 | noarch | golang-docker-dev | < 20.10.7-0ubuntu1~21.04.2 | UNKNOWN |
Ubuntu | 21.04 | noarch | golang-github-docker-docker-dev | < 20.10.7-0ubuntu1~21.04.2 | UNKNOWN |
Ubuntu | 21.04 | noarch | vim-syntax-docker | < 20.10.7-0ubuntu1~21.04.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | docker.io | < 20.10.7-0ubuntu1~20.04.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | docker-doc | < 20.10.7-0ubuntu1~20.04.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | golang-docker-dev | < 20.10.7-0ubuntu1~20.04.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | golang-github-docker-docker-dev | < 20.10.7-0ubuntu1~20.04.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | vim-syntax-docker | < 20.10.7-0ubuntu1~20.04.2 | UNKNOWN |