Lucene search
+L

269 matches found

NVD
NVD
added 2019/02/11 7:29 p.m.27 views

CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: 1 a new container with an...

9.3CVSS8.7AI score0.9857EPSS
Exploits33References66
Debian CVE
Debian CVE
added 2019/02/11 12:0 a.m.41 views

CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: 1 a new container with an...

9.3CVSS7.6AI score0.9857EPSS
Exploits33
Cvelist
Cvelist
added 2019/02/11 12:0 a.m.43 views

CVE-2019-5736

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary and consequently obtain host root access by leveraging the ability to execute a command as root within one of these types of containers: 1 a new container with an...

8.9AI score0.9857EPSS
Exploits33References66
OSV
OSV
added 2017/01/31 10:59 p.m.9 views

CVE-2016-9962

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...

6.4CVSS6.7AI score0.00377EPSS
Exploits0References16
Debian CVE
Debian CVE
added 2017/01/31 10:0 p.m.47 views

CVE-2016-9962

RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or...

6.4CVSS7.1AI score0.00377EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2017/01/30 12:0 a.m.11 views

PT-2017-4094 · Open Container Initiative +3 · Runc +3

Name of the Vulnerable Software and Affected Versions: runc affected versions not specified Description: The issue is related to a flaw in tracking additional container processes using the container's pid 1, which can be exploited to gain access to sensitive data, compromise data integrity, and...

9.8CVSS6.4AI score0.9857EPSS
Exploits41References87
RedHat Linux
RedHat Linux
added 2017/01/17 8:39 p.m.96 views

Moderate: Red Hat Security Advisory: docker security, bug fix, and enhancement update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

6.4CVSS6.6AI score0.00377EPSS
Exploits0References30
Amazon
Amazon
added 2017/01/10 12:0 a.m.51 views

Important: docker

Issue Overview: It was discovered that runC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization,...

6.4CVSS7.3AI score0.00377EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2016/08/03 12:0 a.m.5 views

PT-2020-10295 · Open Container Initiative +7 · Runc +7

Name of the Vulnerable Software and Affected Versions: runc versions through 1.0.0-rc9 runc version 1.0.0-rc10 is not affected, as it contains the fix for this issue. Description: The issue is related to incorrect access control, leading to escalation of privileges. An attacker must be able to...

9.8CVSS6.6AI score0.9857EPSS
Exploits55References276
Rows per page
Query Builder