Docker CVE-2018-15664 Symlink Directory Traversal Vulnerability

Docker is prone to a directory-traversal vulnerability.

An attacker may exploit this issue to gain read/write access to the files outside of the restricted directory; this may aid in further attacks.


Bugtraq ID: 108507
Class: Input Validation Error
CVE: CVE-2018-15664

Remote: Yes
Local: No
Published: May 28 2019 12:00AM
Updated: May 28 2019 12:00AM
Credit: Aleksa Sarai
Vulnerable: Docker Docker 0

Not Vulnerable:


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

Related Posts