Availability of Proof of Concept for Docker Copy Vulnerability (CVE-2019-14271)

Earlier this week, Unit 42, Palo Alto Networks’ research team, published their analysis of a critical code injection flaw in the Docker identified as CVE-2019-14271. The vulnerability exists in the Docker copy (docker cp) command, which is used to copy files between containers. Exploitation of this flaw can lead to full container escape by an attacker. However, it requires an attacker to have already compromised a container through some other means, or embed the exploit code in a malicious Docker container image. 

While the vulnerability was patched in July 2019, the researchers recently analyzed and published their findings, which included a proof-of-concept.

For more information, please visit our blog.