| Max CVSS | 5.1 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2019-16884 | 5.0 |
runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc direct
|
27-03-2023 - 18:15 | 25-09-2019 - 18:15 | |
| CVE-2020-8945 | 5.1 |
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.
|
18-10-2022 - 17:59 | 12-02-2020 - 18:15 | |
| CVE-2020-1702 | 4.3 |
A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, such as Red Hat Enterprise Linux using podman, or OpenShift Container Platform. An attacker can use this flaw to trick a user, with p
|
10-06-2021 - 15:16 | 27-05-2021 - 20:15 |