x/vulndb: potential Go vuln in github.com/moby/moby: GHSA-vj3f-3286-r4pf

[julieqiu]

In GitHub Security Advisory GHSA-vj3f-3286-r4pf, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/moby/moby	1.3.3	< 1.3.3

See doc/triage.md for instructions on how to triage this report.

packages:
  - package: github.com/moby/moby
    versions:
      - fixed: 1.3.3
  - package: github.com/docker/docker
    versions:
      - fixed: 1.3.3
description: Path traversal vulnerability in Docker before 1.3.3 allows remote attackers
    to write to arbitrary files and bypass a container protection mechanism via a
    full pathname in a symlink in an (1) image or (2) build in a Dockerfile.
published: 2021-05-18T21:09:17Z
last_modified: 2022-04-19T19:03:27Z
cves:
  - CVE-2014-9356
ghsas:
  - GHSA-vj3f-3286-r4pf
links:
    context:
      - https://github.com/advisories/GHSA-vj3f-3286-r4pf

[julieqiu]

Vulnerability in tool. Not importable.