Download
| Alert*
oval:org.secpod.oval:def:42576
The host is installed with docker.io on Ubuntu 14.04 or 16.04 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly assign permissions. Successful exploitation could allow attackers to obtain sensitive information, and perform protocol ... oval:org.secpod.oval:def:1501020 Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container. oval:org.secpod.oval:def:1501021 Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container. oval:org.secpod.oval:def:1200179 The file-descriptor passed by libcontainer to the pid-1 process of a container has been found to be opened prior to performing the chroot, allowing insecure open and symlink traversal. This allows malicious container images to trigger a local privilege escalation. Libcontainer version 1.6.0 introduc ... |