cbcvebase.
CVE-2021-23732
published 2021-11-22

CVE-2021-23732: This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they…

PriorityP261critical9CVSS 3.1
AVNACHPRNUINSCCHIHAH
EPSS
1.82%
76.1th percentile
This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.

CVSS provenance

nvdv3.19.0CRITICALCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.