Количество 31
Количество 31
CVE-2023-27561
runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges related to libcontainer/rootfs_linux.go. To exploit this an attacker must be able to spawn two containers with custom volume-mount configurations and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.
CVE-2023-27561
runc through 1.1.4 has Incorrect Access Control leading to Escalation ...
CVE-2023-28642
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.
CVE-2023-28642
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.
CVE-2023-28642
runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image.
CVE-2023-28642
AppArmor bypass with symlinked /proc in runc
CVE-2023-28642
runc is a CLI tool for spawning and running containers according to th ...
GHSA-vpvm-3wq2-2wvm
Opencontainers runc Incorrect Authorization vulnerability
BDU:2023-03863
Уязвимость компонента libcontainer/rootfs_linux.go инструмента для запуска изолированных контейнеров Runc, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
GHSA-g2j6-57v7-gm8c
runc AppArmor bypass with symlinked /proc
BDU:2023-03869
Уязвимость инструмента для запуска изолированных контейнеров Runc, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-27561 runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges related to libcontainer/rootfs_linux.go. To exploit this an attacker must be able to spawn two containers with custom volume-mount configurations and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression. | CVSS3: 7 | 0% Низкий | почти 3 года назад |
| CVE-2023-27561 runc through 1.1.4 has Incorrect Access Control leading to Escalation ... | CVSS3: 7 | 0% Низкий | почти 3 года назад |
 | CVE-2023-28642 runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image. | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
 | CVE-2023-28642 runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image. | CVSS3: 7.8 | 0% Низкий | почти 3 года назад |
 | CVE-2023-28642 runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration. This issue has been fixed in runc version 1.1.5, by prohibiting symlinked `/proc`. See PR #3785 for details. users are advised to upgrade. Users unable to upgrade should avoid using an untrusted container image. | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
| CVE-2023-28642 AppArmor bypass with symlinked /proc in runc | CVSS3: 7.8 | 0% Низкий | почти 3 года назад |
| CVE-2023-28642 runc is a CLI tool for spawning and running containers according to th ... | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
| GHSA-vpvm-3wq2-2wvm Opencontainers runc Incorrect Authorization vulnerability | CVSS3: 7 | 0% Низкий | почти 3 года назад |
 | BDU:2023-03863 Уязвимость компонента libcontainer/rootfs_linux.go инструмента для запуска изолированных контейнеров Runc, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 7 | 0% Низкий | почти 3 года назад |
| GHSA-g2j6-57v7-gm8c runc AppArmor bypass with symlinked /proc | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
| BDU:2023-03869 Уязвимость инструмента для запуска изолированных контейнеров Runc, связанная с неверным определением символических ссылок перед доступом к файлу, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании | CVSS3: 7.8 | 0% Низкий | почти 3 года назад |
Уязвимостей на страницу