{"id":"CVE-2016-7569","details":"Directory traversal vulnerability in docker2aci before 0.13.0 allows remote attackers to write to arbitrary files via a .. (dot dot) in the embedded layer data in an image.","modified":"2026-04-10T03:53:22.198771Z","published":"2017-01-27T22:59:00.787Z","references":[{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/93194"},{"type":"FIX","url":"https://github.com/appc/docker2aci/issues/201"},{"type":"FIX","url":"https://github.com/appc/docker2aci/releases/tag/v0.13.0"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2016/09/28/4"},{"type":"EVIDENCE","url":"http://www.openwall.com/lists/oss-security/2016/09/28/2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/appc/docker2aci","events":[{"introduced":"0"},{"last_affected":"15d68b33bfee95a448c4da37dbe876baa8fcb5b6"},{"fixed":"0cac1a3ecc114941cf643ec25f4daaeee8c3d538"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.12.3"}]}}],"versions":["v0.12.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7569.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}]}