← volver
CVE-2020-27534

CVE-2020-27534

EPSS 1.7%
util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.TempDir call.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/moby/buildkit/pull/1462https://github.com/moby/moby/pull/40877https://golang.org/pkg/io/ioutil/#TempDirhttps://golang.org/pkg/os/#TempDirhttp://web.archive.org/web/20200530054359/https://docs.docker.com/engine/release-notes/