An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.
https://docs.docker.com/engine/release-notes/
http://www.openwall.com/lists/oss-security/2020/06/01/5
https://github.com/docker/docker-ce/releases/tag/v19.03.11
http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00040.html
https://www.debian.org/security/2020/dsa-4716
Source: MITRE
Published: 2020-06-02
Updated: 2023-03-01
Type: CWE-20
Base Score: 6
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 6.8
Severity: MEDIUM
Base Score: 6
Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
Impact Score: 3.7
Exploitability Score: 1.8
Severity: MEDIUM