[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Arbitrary code execution vulnerability in Docker-ce and Docker-ee - CVE-2019-5736 (dpkg)

ID: oval:org.secpod.oval:def:54299Date: (C)2019-04-15   (M)2024-02-08
Class: VULNERABILITYFamily: unix




The host is installed with Docker-ce or Docker-ee before 18.09.2 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle the file-descriptor related to /proc/self/exe. Successful exploitation allows attackers to execute an arbitrary command as root within one of these types of containers.

Platform:
Linux
Product:
docker-ce
docker-ee
Reference:
CVE-2019-5736
CVE    1
CVE-2019-5736
CPE    2
cpe:/a:docker:docker-ce
cpe:/a:docker:docker-ee

© SecPod Technologies