Apache · Docker Skeleton Runtime For Apache Openwhisk · CVE-2018-11757
**Name of the Vulnerable Software and Affected Versions**
Docker Skeleton Runtime for Apache OpenWhisk versions 1.3.0 and earlier
**Description**
The issue allows an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. This can occur in a Docker action that inherits the Docker tag openwhisk/dockerskeleton:1.3.0 or earlier.
**Recommendations**
For Docker Skeleton Runtime for Apache OpenWhisk versions 1.3.0 and earlier, consider updating to a newer version that contains a fix for this issue, although the specific fixed version is not provided in the available data. At the moment, there is no information about a newer version that contains a fix for this vulnerability.