Download
| Alert*
|
oval:org.secpod.oval:def:502173
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Security Fix: * It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to ... oval:org.secpod.oval:def:502163 Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Security Fix: * It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to ... oval:org.secpod.oval:def:1800410 RunC allowed additional container processes via `runc exec` to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these newprocesses during the initialization and can lead to container escapes or modifi ... oval:org.secpod.oval:def:51008 A vulnerability was discovered in runc, which is used by Docker to run containers. runc did not prevent container processes from modifying the runc binary via /proc/self/exe. A malicious container could replace the runc binary, resulting in container escape and privilege escalation. This was fixed b ... |
