← Back

Docker Compose Remote Api

docker-compose-remote-api

Vendor: Docker Compose Remote Api Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-7606
1Docker Compose Remote Api Project
1Docker Compose Remote Api
Nov 21, 2024
Mar 15, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Within 'index.js' of the package, the function 'exec(serviceName, cmd, fnStdout, fnStderr, fnExit)' uses the variable 'serviceName' which ca...Show more
docker-compose-remote-api through 0.1.4 allows execution of arbitrary commands. Within 'index.js' of the package, the function 'exec(serviceName, cmd, fnStdout, fnStderr, fnExit)' uses the variable 'serviceName' which can be controlled by users without any sanitization.Show less