2 matches found
Amazon Linux 2 : runc (ALASECS-2023-004)
The version of runc installed on the remote host is prior to 1.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2ECS-2023-004 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was foun...
DEBIAN-CVE-2017-16539
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss when certain older Linux kernels are used by leveraging Docker container access to write a "scsi remove-single-device" line to...