Docker Image Manifest Malformed Pull Vulnerability

Docker Image Manifest Malformed Pull Vulnerability

CVE-2021-21285 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

Learn more about our Cis Benchmark Audit For Docker.