This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2021-11-22T17:00:16.652953Z

Updated: 2024-09-17T03:22:30.852Z

Reserved: 2021-01-08T00:00:00

Link: CVE-2021-23732

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-11-22T17:15:08.547

Modified: 2024-11-21T05:51:52.617

Link: CVE-2021-23732

cve-icon Redhat

No data.