uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit one of the Company’s Websites,’s servers send a cookie to your computer. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to, either by responding to a promotional offer, opening an account, or filling out a Web form (such as a “Contact Us” or a “Free Trial” Web form), you remain anonymous to the Company. Please go to our privacy statement for details.


Trending CVEs for the Week of June 3rd, 2019

CVE-2018-15664 – Docker Vulnerability

The BlueKeep vulnerability is still trending on social media and we extensively covered CVE-2019-0708 in May 27th and May 20th blog posts. This week, we will talk about CVE-2018-15664 which is runner-up in the list. Docker is vulnerable to a symlink-race attack.


The API endpoints behind the ‘docker cp’ command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).

Affected Products

Affected Packages are:

  • Red Hat OpenShift Container Platform 3.7
  • Red Hat OpenShift Container Platform 3.6
  • Red Hat Enterprise Linux 7

And, following products are still under investigation:

  • Red Hat OpenShift Container Platform 3.5
  • Red Hat OpenShift Container Platform 3.4
  • Red Hat JBoss Fuse 7

Exploitation and Risk

An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.


Stopping a container prior to running “docker cp” removes the TOCTOU vulnerability.


National Vulnerability Database

Schedule a Product Demo Today!

See how NopSec's end-to-end Cyber Exposure Management platform can organize your security chaos.