database-lab-engine
database-lab-engine copied to clipboard
postgres-ai
CVE-2022-29526 (Medium) detected in github.com/opencontainers/runc-v1.0.3, github.com/containerd/containerd-v1.6.1
CVE-2022-29526 - Medium Severity Vulnerability
Vulnerable Libraries - github.com/opencontainers/runc-v1.0.3, github.com/containerd/containerd-v1.6.1
github.com/opencontainers/runc-v1.0.3
CLI tool for spawning and running containers according to the OCI specification
Dependency Hierarchy:
- github.com/moby/moby-v20.10.17 (Root Library)
- :x: github.com/opencontainers/runc-v1.0.3 (Vulnerable Library)
github.com/containerd/containerd-v1.6.1
An open and reliable container runtime
Dependency Hierarchy:
- github.com/moby/moby-v20.10.17 (Root Library)
- :x: github.com/containerd/containerd-v1.6.1 (Vulnerable Library)
Found in HEAD commit: b3ac62d12e3d43994ff7ad836e34da801ed665fb
Found in base branch: master
Vulnerability Details
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Publish Date: 2022-06-23
URL: CVE-2022-29526
CVSS 3 Score Details (5.3)
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: Low
- Integrity Impact: None
- Availability Impact: None
Step up your Open Source Security Game with Mend here
![mend-bolt-for-github[bot] avatar](https://avatars.githubusercontent.com/in/16809?v=4 "Published by a pub.dev verified publisher"){kind=small}
:heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.