Download
| Alert*
oval:org.secpod.oval:def:1601484
A bug was found in Moby where attempting to copy files using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host 2019s filesystem, widening access to others. This bug does not directly allow files to be read, modified, or executed w ... oval:org.secpod.oval:def:1700858 A file permissions vulnerability was found in Moby . Copying files by using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an attacker access to restricted dat ... oval:org.secpod.oval:def:76584 docker.io: Linux container runtime Docker could be made to expose sensitive information over the network. oval:org.secpod.oval:def:1701951 A file permissions vulnerability was found in Moby . Copying files by using into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an attacker access to restricted data. Moby is a ... oval:org.secpod.oval:def:1700860 A file permissions vulnerability was found in Moby . Copying files by using `docker cp` into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an attacker access to restricted dat ... oval:org.secpod.oval:def:706209 docker.io: Linux container runtime Docker could be made to expose sensitive information over the network. oval:org.secpod.oval:def:89045758 This update for containerd, docker, runc fixes the following issues: Docker was updated to 20.10.9-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103 container was updated to v1.4.11, to fix CVE-2021-41 ... oval:org.secpod.oval:def:120887 Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision, l ... oval:org.secpod.oval:def:120886 Docker is an open source project to build, ship and run any application as a lightweight container. Docker containers are both hardware-agnostic and platform-agnostic. This means they can run anywhere, from your laptop to the largest EC2 compute instance and everything in between - and they donot re ... |