CVE-2021-34079 Information

Description

OS Command injection vulnerability in Mintzo Docker-Tester through 1.2.1 allows attackers to execute arbitrary commands via shell metacharacters in the ‘ports’ entry of a crafted docker-compose.yml file.

Reference

https://www.npmjs.com/package/docker-tester https://advisory.checkmarx.net/advisory/CX-2021-4786