In Docker before 18.09.4, an attacker who can supply or manipulate the
build path for the "docker build" command can gain command execution. The
flaw is in the way "docker build" processes remote git URLs: it allows
command injection into the underlying "git clone" command, leading to code
execution in the context of the user executing the "docker build" command.
This occurs because a git ref can be misinterpreted as a flag.
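
A defensive check for the flaw described above, as an added example (not Docker's own code): it splits a remote build context of the form `repo#ref:dir`, rejects a ref that begins with `-`, and places `--` before the ref in the `git fetch` arguments. The function names, the `master` fallback and the sample URLs are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// ErrFlagLikeRef reports a ref that git could read as a command-line option.
var ErrFlagLikeRef = errors.New("git ref begins with '-'")

// SplitContext splits a remote build context "<repo>#<ref>:<dir>".
// Assumption: an empty ref falls back to "master".
func SplitContext(raw string) (string, string, string, error) {
	repo, frag, _ := strings.Cut(raw, "#")
	ref, dir, _ := strings.Cut(frag, ":")
	if ref == "" {
		ref = "master"
	}
	if strings.HasPrefix(ref, "-") {
		return "", "", "", fmt.Errorf("%w: %q", ErrFlagLikeRef, ref)
	}
	return repo, ref, dir, nil
}

// FetchArgs builds the argv for "git fetch". The "--" ends option parsing, so
// git treats ref as a refspec even if the check above was skipped.
func FetchArgs(ref string) []string {
	return []string{"fetch", "--depth", "1", "origin", "--", ref}
}

func main() {
	// Constructed sample inputs; example.com and "-x" are placeholders.
	samples := []string{
		"https://example.com/repo.git",
		"https://example.com/repo.git#v1.0:docker",
		"https://example.com/repo.git#-x:docker",
	}
	for _, s := range samples {
		repo, ref, dir, err := SplitContext(s)
		if err != nil {
			fmt.Printf("REJECT %s (%v)\n", s, err)
			continue
		}
		fmt.Printf("OK repo=%s dir=%q git %s\n", repo, dir, strings.Join(FetchArgs(ref), " "))
	}
}
```

The same validation can run in a CI wrapper before any user-supplied build path reaches "docker build" on hosts that cannot yet be upgraded.
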
Upstream: released (18.09.4)
Ubuntu 12.04 ESM (Precise Pangolin): DNE
Ubuntu 14.04 ESM (Trusty Tahr): DNE
Ubuntu 16.04 LTS (Xenial Xerus): not-affected (18.09.7)
Ubuntu 18.04 LTS (Bionic Beaver): not-affected (18.09.7)
Ubuntu 19.10 (Eoan Ermine): not-affected (18.09.7)
Updated: 2020-01-29 20:04:48 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)