rpm package
suse/docker-runc&distro=SUSE Manager Retail Branch Server 4.0
pkg:rpm/suse/docker-runc&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21284 | — | < 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 | 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 | Feb 2, 2021 | In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesy | ||
| CVE-2021-21285 | — | < 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 | 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 | Feb 2, 2021 | In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing. | ||
| CVE-2020-15257 | — | < 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 | 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3 | Dec 1, 2020 | containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified tha |
- CVE-2021-21284Feb 2, 2021affected < 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3fixed 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesy
- CVE-2021-21285Feb 2, 2021affected < 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3fixed 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3
In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
- CVE-2020-15257Dec 1, 2020affected < 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3fixed 1.0.0rc10+gitr3981_dc9208a3303f-6.45.3
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed to host network containers. Access controls for the shim’s API socket verified tha