Download
| Alert*
|
oval:org.secpod.oval:def:1501474
It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container. oval:org.secpod.oval:def:1501478 It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container. oval:org.secpod.oval:def:502173 Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Security Fix: * It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to ... oval:org.secpod.oval:def:42574 The host is installed with RunC on Ubuntu 16.04, 17.04 or 17.10 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly treat a numeric UID. Successful exploitation could allow attackers to to gain privileges via a numeric username in the p ... oval:org.secpod.oval:def:502163 Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Security Fix: * It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to ... oval:org.secpod.oval:def:42584 libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container. oval:org.secpod.oval:def:110613 Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container th ... |
