Количество 33
Количество 33
GHSA-gxmr-w5mj-v8hh
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.
CVE-2019-5736
CVE-2019-5736
runc through 1.0-rc6, as used in Docker before 18.09.2 and other produ ...
openSUSE-SU-2019:2245-1
Security update for lxc
openSUSE-SU-2019:0252-1
Security update for docker-runc
openSUSE-SU-2019:0201-1
Security update for docker-runc
SUSE-SU-2019:0385-1
Security update for docker-runc
SUSE-SU-2019:0362-1
Security update for docker-runc
RLSA-2019:0975
Important: container-tools:rhel8 security and bug fix update
ELSA-2021-9203
ELSA-2021-9203: runc bug fix update (IMPORTANT)
ELSA-2019-4540
ELSA-2019-4540: runc security update (IMPORTANT)
ELSA-2019-0975
ELSA-2019-0975: container-tools:rhel8 security and bug fix update (IMPORTANT)
BDU:2019-00826
Уязвимость инструмента для запуска изолированных контейнеров runc, связанная с ошибками обработки файлового дескриптора, позволяющая нарушителю выполнить произвольный код
openSUSE-SU-2019:1275-1
Security update for lxc, lxcfs
ELSA-2019-4551
ELSA-2019-4551: docker-engine security update (IMPORTANT)
ELSA-2019-4550
ELSA-2019-4550: docker-engine security update (IMPORTANT)
openSUSE-SU-2019:2021-1
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-gxmr-w5mj-v8hh runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | CVSS3: 8.6 | 52% Средний | около 3 лет назад |
 | CVE-2019-5736 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | CVSS3: 8.6 | 52% Средний | больше 6 лет назад |
 | CVE-2019-5736 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | CVSS3: 7.7 | 52% Средний | больше 6 лет назад |
 | CVE-2019-5736 runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe. | CVSS3: 8.6 | 52% Средний | больше 6 лет назад |
 | CVSS3: 8.6 | 52% Средний | почти 4 года назад | |
| CVE-2019-5736 runc through 1.0-rc6, as used in Docker before 18.09.2 and other produ ... | CVSS3: 8.6 | 52% Средний | больше 6 лет назад |
 | openSUSE-SU-2019:2245-1 Security update for lxc | 52% Средний | больше 5 лет назад | |
| openSUSE-SU-2019:0252-1 Security update for docker-runc | 52% Средний | около 6 лет назад | |
| openSUSE-SU-2019:0201-1 Security update for docker-runc | 52% Средний | больше 6 лет назад | |
| SUSE-SU-2019:0385-1 Security update for docker-runc | 52% Средний | больше 6 лет назад | |
| SUSE-SU-2019:0362-1 Security update for docker-runc | 52% Средний | больше 6 лет назад | |
 | RLSA-2019:0975 Important: container-tools:rhel8 security and bug fix update | 52% Средний | около 6 лет назад | |
| ELSA-2021-9203 ELSA-2021-9203: runc bug fix update (IMPORTANT) | около 4 лет назад | ||
| ELSA-2019-4540 ELSA-2019-4540: runc security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-0975 ELSA-2019-0975: container-tools:rhel8 security and bug fix update (IMPORTANT) | почти 6 лет назад | ||
 | BDU:2019-00826 Уязвимость инструмента для запуска изолированных контейнеров runc, связанная с ошибками обработки файлового дескриптора, позволяющая нарушителю выполнить произвольный код | CVSS3: 8.2 | 52% Средний | больше 6 лет назад |
| openSUSE-SU-2019:1275-1 Security update for lxc, lxcfs | около 6 лет назад | ||
| ELSA-2019-4551 ELSA-2019-4551: docker-engine security update (IMPORTANT) | больше 6 лет назад | ||
| ELSA-2019-4550 ELSA-2019-4550: docker-engine security update (IMPORTANT) | больше 6 лет назад | ||
| openSUSE-SU-2019:2021-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork | почти 6 лет назад |
Уязвимостей на страницу