CVE-2022-29804

ADVISORY - nist

Summary

Incorrect conversion of certain invalid paths to valid, absolute paths in Clean in path/filepath before Go 1.17.11 and Go 1.18.3 on Windows allows potential directory traversal attack.

EPSS Score⁠: 0.00083 (0.253)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-22⁠

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.