Vulnerability Details CVE-2021-23732
This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.8%
CVSS Severity
CVSS v3 Score 9.0
CVSS v2 Score 9.3
References
Products affected by CVE-2021-23732
-
cpe:2.3:a:quobject:docker-cli-js:-