Vulnerabilities > Linuxcontainers > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-10 | CVE-2017-18641 | Improper Authentication vulnerability in Linuxcontainers LXC 2.0.0 In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers. | 9.3 |
| 2017-05-01 | CVE-2016-8649 | Permissions, Privileges, and Access Controls vulnerability in Linuxcontainers LXC lxc-attach in LXC before 1.0.9 and 2.x before 2.0.6 allows an attacker inside of an unprivileged container to use an inherited file descriptor, of the host's /proc, to access the rest of the host's filesystem via the openat() family of syscalls. | 9.0 |