2 matches found
CVE-2019-5736
CVE-2019-5736 affects runc as shipped in Docker before 18.09.2 and other products, enabling a container to overwrite the host runc binary via /proc/self/exe and gain host root. Root cause: file-descriptor mishandling in runc leading to command execution as root inside a container. Affected versio...
CVE-2019-10365
The CVE-2019-10365 entry concerns Jenkins Google Kubernetes Engine Plugin (versions 0.6.2 and earlier). The underlying issue is that the plugin creates a temporary file containing a temporary access token in the project workspace, exposing it to users with Job/Read permission. Documents from RH R...