Yuri Shapira

**Name of the Vulnerable Software and Affected Versions** Docker Skeleton Runtime for Apache OpenWhisk versions 1.3.0 and earlier **Description** The issue allows an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. This can occur in a Docker action that inherits the Docker tag openwhisk/dockerskeleton:1.3.0 or earlier. **Recommendations** For Docker Skeleton Runtime for Apache OpenWhisk versions 1.3.0 and earlier, consider updating to a newer version that contains a fix for this issue, although the specific fixed version is not provided in the available data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.