CVE-2021-21285

Summary

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

Affected Software

VendorProductVersion RangeStatus
mobymoby< 19.03.15affected
mobymoby>= 20.0.0, < 20.10.3affected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

ADP Enrichment

CVE Program Container

Additional References

References