CVE-2018-11757

Published July 23rd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

apache/openwhisk-runtime-docker

Apache OpenWhisk SDK for building Docker "blackbox" runtimes

GitHub