runc (SUSE:OpenStack Cloud 6) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:OpenStack Cloud 6 package runc, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2016-8867 — CVSS 7.5 (high): Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. This allowed malicious images to bypass user…
CVE-2016-9962 — CVSS 6.4 (medium): RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. This allows the main processes of…
CVE-2017-8932 — CVSS 5.9 (medium): A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2…