Docker 18.09.4

CPE Details

Docker 18.09.4
docker
docker
18.09.4
2020-10-30
17h30 +00:00
2020-10-30
17h30 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:docker:docker:18.09.4:*:*:*:-:*:*:*

Informations

Vendor

docker

Product

docker

Version

18.09.4

Software Edition

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-21284 2021-02-02 16h55 +00:00 In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.
6.8
Medium
CVE-2021-21285 2021-02-02 16h55 +00:00 In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
6.5
Medium
CVE-2020-27534 2020-12-30 21h28 +00:00 util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
5.3
Medium