PT-2020-13964 · Open Container Initiative+1 · Runc+1
Published
2020-07-13
·
Updated
2023-02-12
·
CVE-2020-14298
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
docker version 1.13.1-108.git4ef4b30.el7
Description
This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. The problem arose due to an incorrect version of runc being included, which was missing a previously fixed issue.
Recommendations
For docker version 1.13.1-108.git4ef4b30.el7, update to a version that includes the correct fix for the issue, as earlier and later versions are not affected.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Docker
Runc