8 matches found
RHEL 7 : docker (RHSA-2020:2653)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2653 advisory. Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that...
Important: Red Hat Security Advisory: docker security update
An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
openSUSE Security Update : containerd / docker / runc (openSUSE-2016-1400)
This update for containerd, docker, runc fixes the following issues : Security issues fixed : - CVE-2016-8867: Fix ambient capability usage in containers bsc1007249. Bugfixes : - boo1006368: Fixed broken docker/containerd installation when installed by SuSE Studio in an appliance. - boo1004490:...
CVE-2016-8867
The runc version as used in docker 1.12.2 was incorrectly setting ambient capabilities for all processes executed inside containers. This caused processes of non-root users to run with unexpected privileges, allowing them to escalate their privileges to root...
CVE-2016-8867
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes...
CVE-2016-8867
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes...
CVE-2016-8867
CVE-2016-8867 affects Docker Engine 1.12.2, where ambient capabilities were enabled due to misconfigured capability policies. This allowed a malicious image to bypass container user permissions and access files in the container filesystem or mounted volumes. The issue is cited across multiple adv...
CVE-2016-8867
Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user permissions to access files within the container filesystem or mounted volumes...