Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.
Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).
该漏洞编号为CVE-2024-41110,CVSS评分为满分也就是10分,攻击者可以发送Content-Length为0的特制API请求,诱骗Docker守护进程将其转发到AuthZ授权插件中如果用户并未使用身份验证插件则不会受到任何影响,该漏洞核心就是身份验证插件,在不使用验证插件的情况下所有版本以及Docker 阅读原文