libcontainer package, versions <1.0.0-rc9

Attack Complexity

Low

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

snyk-id

SNYK-GOLANG-GITHUBCOMDOCKERLIBCONTAINER-469152
published

26 Sep 2019
disclosed

22 Sep 2019
credit

Unknown

Report a new vulnerability Found a mistake?

Introduced: 22 Sep 2019

CVE-2019-16884 Open this link in a new tab CWE-284 Open this link in a new tab

How to fix?

Upgrade github.com/docker/libcontainer to version 1.0.0-rc9 or higher.

Overview

github.com/docker/libcontainer is a package that provides a native Go implementation for creating containers with namespaces, cgroups, capabilities, and filesystem access controls.

Affected versions of this package are vulnerable to Access Restriction Bypass. None

References

GitHub Commit
GitHub Issue
GitHub PR

Access Restriction Bypass Affecting github.com/docker/libcontainer package, versions <1.0.0-rc9

Attack Complexity

snyk-id

published

disclosed

credit

Introduced: 22 Sep 2019

How to fix?

Overview

References