Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. (dot dot) in the embedded layer data in an image.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-22,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| docker2aci_project | docker2aci | * |
docker2aci <= 0.12.3 has an infinite loop when handling local images with cyclic dependency chain.
CVSS 2.0
Severity: LOW
Problem Type: CWE-20,CWE-399,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| docker2aci_project | docker2aci | 0.12.3 |