It was discovered that runC incorrectly checked mount targets. An attacker
with a malicious container image could possibly mount over the /proc
directory and escalate privileges. (CVE-2019-16884)
Etienne Champetier discovered that runC incorrectly checked mount targets.
An attacker with a malicious container image could possibly mount the host
filesystem into the container and escalate privileges. (CVE-2021-30465)
7.1 High
AI Score
Confidence
0.003 Low
EPSS
Percentile
70.7%