EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2023-2352)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploi...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2023-2378)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfslinux.go. To exploi...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2023-2352)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3369 : golang-github-opencontainers-runc-dev - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3369 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3369-1 [email protected]...

Debian: Security Advisory (DLA-3369-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K33820305: runc vulnerability CVE-2021-30465

Security Advisory Description runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack th...

SUSE CVE-2021-30465

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition...

Oracle Linux 7 : runc (ELSA-2021-14902)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-14902 advisory. 1.0.0-1.rc95 - Addresses CVE-2021-30465 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessu...

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Multiple Vulnerabilities (NS-SA-2022-0007)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by multiple vulnerabilities: - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because...

Rocky Linux 8 : container-tools:3.0 (RLSA-2021:2370)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2021:2370 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multipl...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2021-2547)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2021-2292)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : docker-engine (EulerOS-SA-2021-2292)

According to the version of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be abl...

openSUSE 15 Security Update : containerd, docker, runc (openSUSE-SU-2021:1954-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1954-1 advisory. - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root...

Oracle Linux 7 : docker-engine / docker-cli (ELSA-2021-9329)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9329 advisory. - Addresses CVE-2021-30465 - updated runc minimum version to runc = 3:1.0.0-1.rc95. Tenable has extracted the preceding description block directly from the Orac...

Oracle Linux 8 : container-tools:ol8 (ELSA-2021-2371)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2371 advisory. - fix CVE-2021-30465 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

Oracle Linux 8 : container-tools:3.0 (ELSA-2021-2370)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-2370 advisory. - fix CVE-2021-30465 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

OESA-2021-1215 runc security update

runc is a CLI tool for spawning and running containers according to the OCI specification. Security Fixes: runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly...

Oracle Linux 7 : runc (ELSA-2021-9298)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-9298 advisory. 1.0.0-1.rc95 - Addresses CVE-2021-30465 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...

SUSE SLES12 Security Update : runc (SUSE-SU-2021:1885-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2021:1885-1 advisory. - runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to crea...