Oracle · Openjdk · CVE-2021-20264
Name of the Vulnerable Software and Affected Versions:
openjdk versions 1.8 through 11
Description:
An insecure modification flaw affecting the `/etc/passwd` file allows an attacker with access to the container to modify `/etc/passwd` and escalate their privileges. The highest threat from this issue is to confidentiality, integrity, and system availability.
Recommendations:
For openjdk versions 1.8 through 11, consider restricting access to the `/etc/passwd` file to minimize the risk of exploitation. As a temporary workaround, limit privileges within the container to prevent escalation. At the moment, there is no information about a newer version that contains a fix for this issue.
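One way to verify the "restrict access to `/etc/passwd`" recommendation on an unpacked image root filesystem or inside a running container, as an added example that is not part of the advisory or of any vendor tooling. The function names `writable_by` and `audit_passwd` are hypothetical, and the script assumes the weakness would show up as group or other write permission on `/etc/passwd` or on `/etc` itself, which the advisory does not spell out.

```shell
#!/bin/sh
# Added example (not from the advisory): audit write access to etc/passwd.
# Source this file, then run:  audit_passwd /path/to/rootfs
# With no argument it audits "/", i.e. the container it is run in.

# Print "g" and/or "o" for each of group/other holding write permission on $1.
writable_by() {
    mode=$(ls -ldn -- "$1" | cut -c1-10)        # e.g. -rw-rw-r--
    [ "$(printf %s "$mode" | cut -c6)" = "w" ] && printf g
    [ "$(printf %s "$mode" | cut -c9)" = "w" ] && printf o
    return 0
}

# Return 0 when neither etc/passwd nor its directory is group/other-writable,
# 1 when at least one finding was printed, 2 when etc/passwd does not exist.
audit_passwd() {
    root=${1:-/}
    etc="${root%/}/etc"
    file="$etc/passwd"
    rc=0
    [ -e "$file" ] || { echo "MISSING $file"; return 2; }
    if [ -L "$file" ]; then
        # The link's own mode bits say nothing about the real file.
        echo "FINDING $file is a symlink; audit its target as well"
        rc=1
    fi
    # A writable /etc lets a user replace passwd even if the file is read-only.
    for path in "$file" "$etc"; do
        who=$(writable_by "$path")
        if [ -n "$who" ]; then
            owner=$(ls -ldn -- "$path" | awk '{print $3 ":" $4}')
            echo "FINDING $path writable by [$who], owner uid:gid $owner"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] && echo "OK $file"
    return "$rc"
}
```

A non-zero return code makes the function usable as a gate in an image build or CI job; a finding on the file is typically addressed by removing group and other write permission from it in the image.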