GO-2024-2491
- Source
- https://pkg.go.dev/vuln/GO-2024-2491
- Import Source
- https://vuln.go.dev/ID/GO-2024-2491.json
- JSON Data
- https://api.osv.dev/v1/vulns/GO-2024-2491
- Aliases
- Published
- 2024-06-28T15:28:53Z
- Modified
- 2024-07-01T21:50:42Z
- Summary
- Container breakout through process.cwd trickery and leaked fds in github.com/opencontainers/runc
- Details
-
Container breakout through process.cwd trickery and leaked fds in github.com/opencontainers/runc
- Database specific
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2024-2491" }- References
- Credits
-
-
- Rory McNamara from Snyk
-
- @lifubang from acmcoder
-
- Aleksa Sarai from SUSE
-
Affected packages
Go / github.com/opencontainers/runc
Package
- Name
- github.com/opencontainers/runc
- View open source insights on deps.dev
- Purl
- pkg:golang/github.com/opencontainers/runc
Ecosystem specific
{
"imports": [
{
"path": "github.com/opencontainers/runc/libcontainer/utils",
"symbols": [
"CloseExecFrom"
]
},
{
"path": "github.com/opencontainers/runc/libcontainer/cgroups",
"symbols": [
"openFile",
"prepareOpenat2"
]
},
{
"path": "github.com/opencontainers/runc/libcontainer",
"symbols": [
"Container.start",
"Init",
"finalizeNamespace",
"linuxSetnsInit.Init",
"linuxStandardInit.Init"
]
}
]
}