Improper Input Validation in Docker Engine
Moderate severity
GitHub Reviewed
Published
Feb 15, 2022
to the GitHub Advisory Database
•
Updated Mar 2, 2023
Description
Published by the National Vulnerability Database
Jun 2, 2020
Reviewed
May 14, 2021
Published to the GitHub Advisory Database
Feb 15, 2022
Last updated
Mar 2, 2023
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.
References