2 matches found
Design/Logic Flaw
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization "mount namespace breakout" and write to arbitrary file on the host system via a symlink attack in an image when respawning a container...
CVE-2012-1986
Puppet CVE-2012-1986 affects Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, plus Puppet Enterprise (PE) 1.0–2.5.x before 2.5.1. Remote authenticated users with an authorized SSL key and certain puppet-master permissions can read arbitrary files via a symlink attack when making a crafted REST...