CVE-2021-23732
npm/docker-cli-js
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
If the command parameter of the Docker.command
method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.
All versions
Unfortunately, there is no solution available yet.
2021-12-01
source |