CVE-2021-30465
Published
CVSS v3
8.5
HIGH
CVSS v2
6
MEDIUM
Affected
1
PROJECT
Description
runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.
CLI tool for spawning and running containers according to the OCI specification
GitHub