CVE-2021-23732

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in npm/docker-cli-js

Identifiers

CVE-2021-23732

Package Slug

npm/docker-cli-js

Vulnerability

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Description

If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.

Affected Versions

All versions

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-12-01

source