CVE-2020-27534

Path Traversal in go/github.com/docker/libcontainer

Identifier

CVE-2020-27534

Package Slug

go/github.com/docker/libcontainer

Vulnerability

Path Traversal

Description

util/binfmt_misc/check.go in Builder of Docker Engine calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.

Affected Versions

All versions before 19.03.9

Solution

Upgrade to version 19.03.9 or above.

Last Modified

2021-01-07

source