VYPR

apk package

chainguard/runc

pkg:apk/chainguard/runc

Vulnerabilities (85)

  • CVE-2021-30465HigMay 27, 2021
    affected < 0fixed 0

    runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on

  • CVE-2019-19921HigFeb 12, 2020
    affected < 0fixed 0

    runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vul

  • CVE-2019-16884HigSep 25, 2019
    affected < 0fixed 0

    runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

  • CVE-2016-9962MedJan 31, 2017
    affected < 0fixed 0

    RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to conta

  • CVE-2016-3697HigJun 1, 2016
    affected < 0fixed 0

    libcontainer/user/user.go in runC before 0.1.0, as used in Docker before 1.11.2, improperly treats a numeric UID as a potential username, which allows local users to gain privileges via a numeric username in the password file in a container.

Page 5 of 5