Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description CLI tool for managing OCI compliant containers
Version 1.0.2-2 [community]


Group Affected Fixed Severity Status Ticket
AVG-1972 1.0.0rc94-1 1.0.0rc95-1 High Fixed
AVG-878 1.0.0rc5+168+g079817cc-1 1.0.0rc6-1 High Fixed
AVG-134 0.1.1-4 1.0.0rc5+19+g69663f0b-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2021-30465 AVG-1972 High No Sandbox escape
runc 1.0.0-rc94 and earlier are vulnerable to a symlink exchange attack where an attacker with the ability to start containers using a custom volume...
CVE-2019-5736 AVG-878 High Yes Privilege escalation
A vulnerability discovered in runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary...
CVE-2016-9962 AVG-134 High No Privilege escalation
The runc component used by `docker exec` feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows...


Date Advisory Group Severity Type
25 May 2021 ASA-202105-17 AVG-1972 High sandbox escape
11 Feb 2019 ASA-201902-6 AVG-878 High privilege escalation
16 May 2018 ASA-201805-11 AVG-134 High privilege escalation