CVE-2018-11757

Name of the Vulnerable Software and Affected Versions Docker Skeleton Runtime for Apache OpenWhisk versions 1.3.0 and earlier

Description The issue allows an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. This can occur in a Docker action that inherits the Docker tag openwhisk/dockerskeleton:1.3.0 or earlier.

Recommendations For Docker Skeleton Runtime for Apache OpenWhisk versions 1.3.0 and earlier, consider updating to a newer version that contains a fix for this issue, although the specific fixed version is not provided in the available data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.