0.004 Low
EPSS
Percentile
73.6%
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host.
This issue is mitigated on Red Hat Enterprise Linux 7 if SELinux is in enforcing mode, which prevents containers from escaping to the host machine.
0.004 Low
EPSS
Percentile
73.6%