rpm package
suse/docker-runc&distro=SUSE OpenStack Cloud 6
pkg:rpm/suse/docker-runc&distro=SUSE%20OpenStack%20Cloud%206
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-16539 | Med | 5.9 | | < 1.0.0rc4+gitr3338_3f2f8b84a77f-1.3.1 | 1.0.0rc4+gitr3338_3f2f8b84a77f-1.3.1 | Nov 4, 2017 | The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trigger data loss (when certain older Linux kernels are used) by leveraging Docker container access to write a "scsi remove-single-dev |
| CVE-2017-14992 | Med | 6.5 | | < 1.0.0rc4+gitr3338_3f2f8b84a77f-1.3.1 | 1.0.0rc4+gitr3338_3f2f8b84a77f-1.3.1 | Nov 1, 2017 | Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing. |