7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2019-16884

GHSA ID

GHSA-fgv8-vj5c-2ppq

EPSS Score

0.53011%

CWE

CWE-863

Published

2/22/2022

Updated

5/20/2024

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2019-16884

CVE-2019-16884:
Incorrect Authorization in runc

runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.

(GitHub Advisory)

7.5

CVSS Score

3.1

Basic Information

CVE ID

CVE-2019-16884

GHSA ID

GHSA-fgv8-vj5c-2ppq

EPSS Score

0.53011%

CWE

CWE-863

Published

2/22/2022

Updated

5/20/2024

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/opencontainers/runc	go	< 1.0.0-rc8.0.20190930145003-cad42f6e0932	1.0.0-rc8.0.20190930145003-cad42f6e0932
github.com/opencontainers/selinux	go	< 1.3.1-0.20190929122143-5215b1806f52	1.3.1-0.20190929122143-5215b1806f52

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

run* t*rou** *.*.*-r**, *s us** in *o*k*r t*rou** **.**.*-** *n* ot**r pro*u*ts, *llows *pp*rmor r*stri*tion *yp*ss ****us* li**ont*in*r/root*s_linux.*o in*orr**tly ****ks mount t*r**ts, *n* t*us * m*li*ious *o*k*r im*** **n mount ov*r * /pro* *ir**t

Reasoning

No *n*lysis *v*il**l*

7.5

Basic Information

Concerned about an active attack path?

CVE-2019-16884: Incorrect Authorization in runc

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

CVE-2019-16884:
Incorrect Authorization in runc

Vulnerability Intelligence
Miggo AI