📦

garden-runc

Vendor: cloudfoundry

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 2 Total Indexed

Avg. EPSS 0.39% Exploit Prob.

Latest CVE CVE-2018-11084 Sep 18

Security Vulnerability Index

Page 1 / 1

6.8 CVSS

CVE-2018-11084

Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. A remote authenticated malicious user may create and delete apps with crafted file attributes to cause a denial of service for new app instances or scaling up of existing apps.

EPSS: 0.26%

Severity: MEDIUM

Sep 18, 2018

6.5 CVSS

CVE-2018-1277

Cloud Foundry Garden-runC, versions prior to 1.13.0, does not correctly enforce disc quotas for Docker image layers. A remote authenticated user may push an app with a malicious Docker image that will consume more space on a Diego cell than allocated in their quota, potentially causing a DoS against the cell.

EPSS: 0.52%

Severity: MEDIUM

Apr 30, 2018

Displaying 2 of 2 Total Entries

Total 1 Sections