
CVE-2016-8579: Denial of Service in docker2aci

CVSS Score (v3.0): 4

Basic Information

EPSS Score: 0.33769%
Published: 2/15/2022
Updated: 1/9/2023
KEV Status: No
Technology: Go

Technical Details

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
| --- | --- | --- | --- |
| github.com/appc/docker2aci | go | < 0.13.0 | 0.13.0 |

Vulnerability Intelligence
Root Cause Analysis

The vulnerability stems from the dependency-chain traversal logic in `getAncestry`. Commit 54331ec fixed it by adding a visited map (`deps`) to detect cycles. The CVE description explicitly mentions infinite loops in dependency chains, and the patch diff shows that cycle detection was added to this specific function. The function's purpose, recursively following parent IDs, matches the vulnerability pattern described in CWE-835.
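The cycle check described above, as an added Go example rather than docker2aci's own code: `Ancestry`, `ErrCycle` and the `parents` map (image ID to parent ID) are hypothetical names, and the sample metadata is constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrCycle is returned when a parent chain revisits an image ID.
var ErrCycle = errors.New("cyclic parent chain")

// Ancestry follows child -> parent links starting at id and returns the chain.
// parents is a hypothetical stand-in for per-image metadata (image ID -> parent ID);
// an empty or missing parent ends the chain.
func Ancestry(parents map[string]string, id string) ([]string, error) {
	visited := make(map[string]struct{}) // every ID already placed on the chain
	var chain []string
	for id != "" {
		if _, seen := visited[id]; seen {
			// Without this check a cyclic chain never terminates (CWE-835).
			return nil, fmt.Errorf("%w: %q reached twice", ErrCycle, id)
		}
		visited[id] = struct{}{}
		chain = append(chain, id)
		id = parents[id]
	}
	return chain, nil
}

func main() {
	// Constructed sample metadata, not taken from a real image.
	linear := map[string]string{"app": "runtime", "runtime": "base", "base": ""}
	cyclic := map[string]string{"app": "runtime", "runtime": "base", "base": "app"}
	fmt.Println(Ancestry(linear, "app")) // full chain, nil error
	fmt.Println(Ancestry(cyclic, "app")) // nil chain, cycle error
}
```
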
