In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-2521" }