Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2021-21285 - log back

CVE-2021-21285 edited at 02 Feb 2021 20:33:36

Severity

-	Unknown
+	Medium

Remote

-	Unknown
+	Local

Type

-	Unknown
+	Denial of service

Description

+	In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

References

+	https://github.com/moby/moby/security/advisories/GHSA-6fj5-m822-rqx8
+	https://github.com/moby/moby/commit/a7d4af84bd2f189b921c3ec60796aa825e3a0f2a

Notes

CVE-2021-21285 created at 02 Feb 2021 20:27:33