OS Command Injection In docker-cli-js
This advisory was classified as a False Positive during our data review process to ensure accuracy and data quality.
Description
OS Command injection in docker-cli-js
Withdrawn
After reviewing this CVE, and this response from the maintainer, we have withdrawn this advisory.
Original CVE description
This affects all versions of package docker-cli-js. If the command parameter of the Docker.command method can at least be partially controlled by a user, they will be in a position to execute any arbitrary OS commands on the host system.
Mitigation
Update Impact
Minimal update. May introduce new vulnerabilities or breaking changes.
Ecosystem | Package | Affected version |
|---|---|---|
 npm |
Aliases
1. 2. 3. 4.
References
1. 2.