CVE-2019-14271

Improper Initialization in go/github.com/moby/moby

Identifiers

GHSA-v2cv-wwxq-qq97, CVE-2019-14271

Package Slug

go/github.com/moby/moby

Vulnerability

Improper Initialization

Description

In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container.

Affected Versions

All versions before 20.10.0-beta1

Solution

Upgrade to version 20.10.0-beta1 or above. Note: 20.10.0-beta1 may be an unstable version. Use caution.

Last Modified

2024-02-02

source