Aleksa Sarai discovered that Docker was vulnerable to a directory traversal attack. An attacker could use this vulnerability to read and write arbitrary files on the host filesystem as root.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "18.09.7-0ubuntu1~16.04.4", "binary_name": "docker-doc" }, { "binary_version": "18.09.7-0ubuntu1~16.04.4", "binary_name": "docker.io" }, { "binary_version": "18.09.7-0ubuntu1~16.04.4", "binary_name": "golang-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~16.04.4", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~16.04.4", "binary_name": "vim-syntax-docker" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "18.09.7-0ubuntu1~18.04.3", "binary_name": "docker-doc" }, { "binary_version": "18.09.7-0ubuntu1~18.04.3", "binary_name": "docker.io" }, { "binary_version": "18.09.7-0ubuntu1~18.04.3", "binary_name": "golang-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~18.04.3", "binary_name": "golang-github-docker-docker-dev" }, { "binary_version": "18.09.7-0ubuntu1~18.04.3", "binary_name": "vim-syntax-docker" } ] }