Runc

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-31	CVE-2024-21626	Exposure of Resource to Wrong Sphere vulnerability in multiple products runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. local low complexity linuxfoundation fedoraproject CWE-668	8.6
2023-03-29	CVE-2023-25809	Unspecified vulnerability in Linuxfoundation Runc runc is a CLI tool for spawning and running containers according to the OCI specification. local low complexity linuxfoundation	6.3
2023-03-29	CVE-2023-28642	Link Following vulnerability in Linuxfoundation Runc runc is a CLI tool for spawning and running containers according to the OCI specification. local low complexity linuxfoundation CWE-59	7.8
2023-03-03	CVE-2023-27561	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. local high complexity linuxfoundation redhat debian CWE-706	7.0
2022-05-17	CVE-2022-29162	runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. local low complexity linuxfoundation fedoraproject	7.8
2022-03-24	CVE-2022-24769	Moby is an open-source project created by Docker to enable and accelerate software containerization. local low complexity mobyproject fedoraproject linuxfoundation debian	5.9
2021-12-06	CVE-2021-43784	runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. network high complexity linuxfoundation debian	5.0
2021-05-27	CVE-2021-30465	Race Condition vulnerability in multiple products runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. network high complexity linuxfoundation fedoraproject CWE-362	8.5
2020-02-12	CVE-2019-19921	Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. local high complexity linuxfoundation debian opensuse canonical redhat CWE-706	7.0
2019-09-25	CVE-2019-16884	Incorrect Authorization vulnerability in multiple products runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. network low complexity linuxfoundation docker fedoraproject opensuse redhat canonical CWE-863	7.5