{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-05-22T00:00:00", "descriptions": [{"lang": "en", "value": "In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-01T23:06:07", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1096726"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/moby/moby/pull/39252"}, {"name": "[oss-security] 20190528 CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/05/28/1"}, {"name": "108507", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/108507"}, {"name": "openSUSE-SU-2019:1621", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00066.html"}, {"name": "USN-4048-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4048-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664"}, {"name": "RHSA-2019:1910", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1910"}, {"name": "[oss-security] 20190821 RE: CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/08/21/1"}, {"name": "openSUSE-SU-2019:2044", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-15664", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.suse.com/show_bug.cgi?id=1096726", "refsource": "MISC", "url": "https://bugzilla.suse.com/show_bug.cgi?id=1096726"}, {"name": "https://github.com/moby/moby/pull/39252", "refsource": "MISC", "url": "https://github.com/moby/moby/pull/39252"}, {"name": "[oss-security] 20190528 CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/05/28/1"}, {"name": "108507", "refsource": "BID", "url": "http://www.securityfocus.com/bid/108507"}, {"name": "openSUSE-SU-2019:1621", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00066.html"}, {"name": "USN-4048-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4048-1/"}, {"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664", "refsource": "CONFIRM", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664"}, {"name": "RHSA-2019:1910", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1910"}, {"name": "[oss-security] 20190821 RE: CVE-2018-15664: docker (all versions) is vulnerable to a symlink-race attack", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/08/21/1"}, {"name": "openSUSE-SU-2019:2044", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-15664", "datePublished": "2019-05-23T13:58:37", "dateReserved": "2018-08-21T00:00:00", "dateUpdated": "2019-09-01T23:06:07", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "03ED214E-B35E-4269-AB60-DC153D84A7EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "23DC417C-741C-4B54-AC05-695266F837BC", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "EA9CEEEF-FA4C-466B-B06A-409B412911CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "1D56B684-9D21-456D-AEAF-681FE4AF34DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc4:*:*:community:*:*:*", "matchCriteriaId": "6AC3E4B6-3D75-408D-B3CD-0E5FC83DC303", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.0-ce:rc5:*:*:community:*:*:*", "matchCriteriaId": "1BA3AC1D-E044-4F3F-A880-9D57E6247D3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:*:*:*:community:*:*:*", "matchCriteriaId": "ADFFCF49-C72C-4122-8035-D56FBDF36EF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "A07F31B1-0471-4496-98E8-3D50D62A9376", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "157499DF-2A7E-4615-9F6B-383F998D45D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "426A1B51-9C0C-4E2E-AD7B-F2C9C2F90DC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.1-ce:rc4:*:*:community:*:*:*", "matchCriteriaId": "BA3C59E2-4528-498B-B77A-CCDB9E1F2EC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2-ce:*:*:*:community:*:*:*", "matchCriteriaId": "FF0BFEAD-83C4-43C3-AF7F-B07E623027CA", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.06.2-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "90446BD3-E1E0-4FF0-8617-635C1428206C", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "346B183E-B29A-4D11-A5EB-B4263AE2A930", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "0E3245D9-EE7C-48C6-ADA7-D09BAC758335", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "06067BD7-BF28-4C3C-8AA4-33AE91D1A08D", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "2AA91357-976E-4E58-933F-3B5053E44AD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.07.0-ce:rc4:*:*:community:*:*:*", "matchCriteriaId": "08DBC6A3-AFC6-4D34-B2C6-E7557A9BAC55", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "0CDFF197-1317-4E9A-89AC-42A347E92CB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "DBA8D554-BA26-4440-83C1-623B02B9378A", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "444F283F-E95D-4885-88E9-552846EB34B4", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.09.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "F0C3E0C2-B036-49CE-99DF-7243AFFD23D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.09.1-ce:*:*:*:community:*:*:*", "matchCriteriaId": "443E631B-4D7D-4C45-8A64-6C98DD18D286", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.09.1-ce-:rc1:*:*:community:*:*:*", "matchCriteriaId": "CDE4D9DF-794E-4ACB-88D4-866F1D333B72", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.10.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "3332E705-364B-4CFE-8EFE-791191DD6D92", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.10.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "CB5190C1-B7B3-4CA5-8B04-7C4C29952687", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.10.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "7926C680-46ED-49FE-9000-A2CCD61CF6EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "B7C29495-0403-4D11-9687-249DCD60536B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "9CFCE477-6B5C-43B2-BA05-2D4B8C18168A", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "62A4CEB1-4053-4508-9FE7-0D23A61CEE64", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "A3BC6153-1036-4A2B-8E6B-CCCBE9866641", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.11.0-ce:rc4:*:*:community:*:*:*", "matchCriteriaId": "EB4E8414-1B6C-457E-8C1D-19D962FEF212", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "A4FE190B-896E-4CFD-AD14-B8F990F6C2D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "03558F57-4DB4-42A1-8FFF-E32455F14D43", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "BD7FE2CE-D564-4B0F-A86C-3D9D8ADB4209", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "CE6482EC-8B28-4EBA-8D31-444AF20CDF45", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.0-ce:rc4:*:*:community:*:*:*", "matchCriteriaId": "2B6895B8-84E0-4796-9BE6-F560F78B6F09", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.1-ce:*:*:*:community:*:*:*", "matchCriteriaId": "2476F29C-9011-4040-B45B-ABEA9D9B989A", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.1-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "BA34377A-7FAF-489F-967C-592F4DDAA395", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:17.12.1-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "F5981E01-90F2-4950-BDCC-049B8CF11BF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.01.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "6A67CC6A-5DFF-4EC8-AD89-CBE61D5B1E86", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.01.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "417A41D1-95F5-4F11-A84A-80EFB5470FDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.02.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "E6EFF14F-CD0B-4AC6-95F8-AEAAE0AFC9F5", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.02.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "749D44D3-0800-452D-B617-16533AFCDB9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.02.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "BFDB4066-4966-45DA-886B-83B4DA10E5DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "A632A32E-83CC-4643-A92E-4B853772B1E5", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "74447A87-49F6-40E9-B42B-4DD10915FD5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "850F9B89-B19C-4334-B188-ED9B30E4858F", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "DC41D120-BB84-497B-8E14-4242DA34336B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.0-ce:rc4:*:*:community:*:*:*", "matchCriteriaId": "D3A6BC7B-16B3-4C38-884F-F3D58D02DCB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1-ce:*:*:*:community:*:*:*", "matchCriteriaId": "76C71530-639E-4E9A-B74F-0D046E0F1A35", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "B1C17446-B119-483F-8BB2-80DBE1CD28C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.03.1-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "D5DEED51-DDC3-40CA-8FDA-59462492BEA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.04.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "CF279FD4-58D4-4272-AC14-DE9D79D88BE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.04.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "749AA8E0-2F98-424C-9A0D-9F91987F3A5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.04.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "E5C31E97-B350-457C-9EBE-CD9DEC94D818", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.05.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "DE28CE42-3EB2-4032-BEE6-C87C65551B94", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.05.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "2704A6EF-A030-4B3F-8160-EE1F4B401E8D", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:*:*:*:community:*:*:*", "matchCriteriaId": "18C4AB1B-79B0-4F1B-A80D-B4F16C49BFF7", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "A48C808D-7B04-457F-9724-1694696773CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "D20E4F37-3E9E-4A42-8E6A-7888776B2C5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.06.0-ce:rc3:*:*:community:*:*:*", "matchCriteriaId": "6CBB326E-A337-4047-B332-E12EB6F00E1F", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.06.1-ce:rc1:*:*:community:*:*:*", "matchCriteriaId": "F2A1AE6D-371D-4876-90B7-0B8D62D5AFB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:docker:docker:18.06.1-ce:rc2:*:*:community:*:*:*", "matchCriteriaId": "D2AF3BE5-8C7B-4F4C-A381-59DFF1B5233A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot)."}, {"lang": "es", "value": "En Docker hasta la versi\u00f3n 18.06.1-ce-rc2, los endpoints API debajo del comando 'docker cp' son vulnerables a un ataque de de tipo symlink-exchange con salto de directorio, dando a los atacantes acceso arbitrario de lectura-escritura al sistema de archivos del host con privilegios de root, porque daemon/archive.go no genera operaciones de archivo en un filesystem congelado (o desde dentro de una operaci\u00f3n chroot)."}], "id": "CVE-2018-15664", "lastModified": "2019-06-25T12:15:10.187", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 1.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.8, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-05-23T14:29:07.453", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00066.html"}, {"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00001.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Exploit", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/05/28/1"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2019/08/21/1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/108507"}, {"source": "cve@mitre.org", "url": "https://access.redhat.com/errata/RHSA-2019:1910"}, {"source": "nvd@nist.gov", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/cve-2018-15664"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Exploit", "Third Party Advisory"], "url": "https://bugzilla.suse.com/show_bug.cgi?id=1096726"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://github.com/moby/moby/pull/39252"}, {"source": "cve@mitre.org", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-15664"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4048-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}