docker-compose-remote-api is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands via the serviceName
parameter due to lack of validation before passing to the exec
function.
CPE | Name | Operator | Version |
---|---|---|---|
docker-compose-remote-api | le | 0.1.4 |