Download
| Alert*
oval:org.secpod.oval:def:1501187
docker-engine is installed oval:org.secpod.oval:def:1501474 It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container. oval:org.secpod.oval:def:1501478 It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container. oval:org.secpod.oval:def:1501188 During Docker pulls validation and extraction of the manifest object from its JSON representation are done in separate steps. The digest that represents the manifest corresponds to a hash of the payload portion of the JSON blob returned by the remote registry. Even though the validity of the payload ... oval:org.secpod.oval:def:1501186 During Docker pulls validation and extraction of the manifest object from its JSON representation are done in separate steps. The digest that represents the manifest corresponds to a hash of the payload portion of the JSON blob returned by the remote registry. Even though the validity of the payload ... oval:org.secpod.oval:def:1505239 docker-engine [19.03.11-11] - Addresses CVE-2021-30465 - updated runc minimum version to runc oval:org.secpod.oval:def:1501741 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1501740 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1502538 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505267 containerd [1.4.8-1] - Address CVE-2021-32760 docker-cli [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. oval:org.secpod.oval:def:1505035 containerd [1.4.8-1] - Address CVE-2021-32760 docker-cli [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. |