Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
docker libcontainer 1.6.0 vulnerabilities and exploits
(subscribe to this query)
641
VMScore
CVE-2015-3629
Libcontainer 1.6.0, as used in Docker Engine, allows local users to escape containerization ("mount namespace breakout") and write to arbitrary file on the host system via a symlink attack in an image when respawning a container.
Docker Libcontainer 1.6.0
Opensuse Opensuse 13.2
641
VMScore
CVE-2015-3627
Libcontainer and Docker Engine prior to 1.6.1 opens the file-descriptor passed to the pid-1 process before performing the chroot, which allows local users to gain privileges via a symlink attack in an image.
Docker Libcontainer
Docker Docker
1 Github repository
320
VMScore
CVE-2015-3631
Docker Engine prior to 1.6.1 allows local users to set arbitrary Linux Security Modules (LSM) and docker_t policies via an image that allows volumes to override files in /proc.
Docker Docker
641
VMScore
CVE-2015-3630
Docker Engine prior to 1.6.1 uses weak permissions for (1) /proc/asound, (2) /proc/timer_stats, (3) /proc/latency_stats, and (4) /proc/fs, which allows local users to modify the host, obtain sensitive information, and perform protocol downgrade attacks via a crafted image.
Docker Docker
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started