VYPR
High severityNVD Advisory· Published May 27, 2021· Updated Aug 3, 2024

CVE-2021-30465

CVE-2021-30465

Description

runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/opencontainers/runcGo
< 1.0.0-rc951.0.0-rc95

Affected products

87

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.