Docker Build Path Command Execution Vulnerability
A vulnerability in Docker could allow a local attacker to inject and execute arbitrary commands on a targeted system.
The vulnerability exists because the affected software misinterprets the git ref command as a flag. An attacker who is able to execute the docker build command and has control over the build path could exploit this vulnerability to inject and execute arbitrary commands on a targeted system.
Docker has confirmed the vulnerability and released software updates.
Security Impact Rating: High