Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-3yvf-q4uj-dbdh
Summary
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration in RunC
### Impact

In runc, [netlink](https://www.man7.org/linux/man-pages/man7/netlink.7.html) is used internally as a serialization system for specifying the relevant container configuration to the C portion of our code (responsible for the based namespace setup of containers). In all versions of runc prior to 1.0.3, the encoder did not handle the possibility of an integer overflow in the 16-bit length field for the byte array attribute type, meaning that a large enough malicious byte array attribute could result in the length overflowing and the attribute contents being parsed as netlink messages for container configuration.

This vulnerability requires the attacker to have some control over the configuration of the container and would allow the attacker to bypass the namespace restrictions of the container by simply adding their own netlink payload which disables all namespaces.

Prior to 9c444070ec7bb83995dbc0185da68284da71c554, in practice it was fairly difficult to specify an arbitrary-length netlink message with most container runtimes. The only user-controlled byte array was the namespace paths attributes which can be specified in runc's `config.json`, but as far as we can tell no container runtime gives raw access to that configuration setting -- and having raw access to that setting **would allow the attacker to disable namespace protections entirely anyway** (setting them to `/proc/1/ns/...` for instance). In addition, each namespace path is limited to 4096 bytes (with only 7 namespaces supported by runc at the moment) meaning that even with custom namespace paths it appears an attacker still cannot shove enough bytes into the netlink bytemsg in order to overflow the uint16 counter.

However, out of an abundance of caution (given how old this bug is) we decided to treat it as a potentially exploitable vulnerability with a low severity. After 9c444070ec7bb83995dbc0185da68284da71c554 (which was not present in any release of runc prior to the discovery of this bug), all mount paths are included as a giant netlink message which means that this bug becomes significantly more exploitable in more reasonable threat scenarios.

The main users impacted are those who allow untrusted images with untrusted configurations to run on their machines (such as with shared cloud infrastructure), though as mentioned above it appears this bug was not practically exploitable on any released version of runc to date.

### Patches
The patch for this is d72d057ba794164c3cce9451a00b72a78b25e1ae and runc 1.0.3 was released with this bug fixed.

### Workarounds
To the extent this is exploitable, disallowing untrusted namespace paths in container configuration should eliminate all practical ways of exploiting this bug. It should be noted that untrusted namespace paths would allow the attacker to disable namespace protections entirely even in the absence of this bug.

### References
* commit d72d057ba794 ("runc init: avoid netlink message length overflows")
* https://bugs.chromium.org/p/project-zero/issues/detail?id=2241

### Credits
Thanks to Felix Wilhelm from Google Project Zero for discovering and reporting this vulnerability. In particular, the fact they found this vulnerability so quickly, before we made a 1.1 release of runc (which would've been vulnerable) was quite impressive.

### For more information
If you have any questions or comments about this advisory:
* Open an issue in [our repo](https://github.com/opencontainers/runc)
Aliases
0
alias CVE-2021-43784
1
alias GHSA-v95c-p5hm-xq8f
Fixed_packages
0
url pkg:alpm/archlinux/runc@1.0.3-1
purl pkg:alpm/archlinux/runc@1.0.3-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/runc@1.0.3-1
1
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.20&reponame=community
2
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.15&reponame=community
3
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.15&reponame=community
4
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.15&reponame=community
5
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.15&reponame=community
6
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.15&reponame=community
7
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.15&reponame=community
8
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.15&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.15&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.15&reponame=community
9
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=community
10
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.23&reponame=community
11
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.23&reponame=community
12
url pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community
13
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
14
url pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=riscv64&distroversion=v3.23&reponame=community
15
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.23&reponame=community
16
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.23&reponame=community
17
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.23&reponame=community
18
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.16&reponame=community
19
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.16&reponame=community
20
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.16&reponame=community
21
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.16&reponame=community
22
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.16&reponame=community
23
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.16&reponame=community
24
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.16&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.16&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.16&reponame=community
25
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.20&reponame=community
26
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.20&reponame=community
27
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.20&reponame=community
28
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community
29
url pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=riscv64&distroversion=v3.20&reponame=community
30
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.20&reponame=community
31
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.20&reponame=community
32
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.18&reponame=community
33
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.18&reponame=community
34
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.18&reponame=community
35
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community
36
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.18&reponame=community
37
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.18&reponame=community
38
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.18&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.18&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.18&reponame=community
39
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community
40
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.19&reponame=community
41
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.19&reponame=community
42
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community
43
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.19&reponame=community
44
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.19&reponame=community
45
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.19&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.19&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.19&reponame=community
46
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.21&reponame=community
47
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.21&reponame=community
48
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.21&reponame=community
49
url pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community
50
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community
51
url pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=riscv64&distroversion=v3.21&reponame=community
52
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.21&reponame=community
53
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.21&reponame=community
54
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.21&reponame=community
55
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=edge&reponame=community
56
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=edge&reponame=community
57
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=edge&reponame=community
58
url pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=loongarch64&distroversion=edge&reponame=community
59
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=edge&reponame=community
60
url pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=riscv64&distroversion=edge&reponame=community
61
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=edge&reponame=community
62
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=edge&reponame=community
63
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=edge&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=edge&reponame=community
64
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.17&reponame=community
65
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.17&reponame=community
66
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.17&reponame=community
67
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community
68
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.17&reponame=community
69
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.17&reponame=community
70
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.17&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.17&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.17&reponame=community
71
url pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=aarch64&distroversion=v3.22&reponame=community
72
url pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armhf&distroversion=v3.22&reponame=community
73
url pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=armv7&distroversion=v3.22&reponame=community
74
url pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community
75
url pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community
76
url pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=riscv64&distroversion=v3.22&reponame=community
77
url pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=s390x&distroversion=v3.22&reponame=community
78
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86&distroversion=v3.22&reponame=community
79
url pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/runc@1.0.3-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.0.3-r0%3Farch=x86_64&distroversion=v3.22&reponame=community
80
url pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u4%3Fdistro=trixie
81
url pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5
purl pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mt76-ah1b-s3gc
1
vulnerability VCID-vk37-s4p6-fufm
2
vulnerability VCID-wxsf-mu1t-aqa4
3
vulnerability VCID-x2zb-mehm-ebge
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5
82
url pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie
purl pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mt76-ah1b-s3gc
1
vulnerability VCID-vk37-s4p6-fufm
2
vulnerability VCID-wxsf-mu1t-aqa4
3
vulnerability VCID-x2zb-mehm-ebge
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie
83
url pkg:deb/debian/runc@1.0.3%2Bds1-1?distro=trixie
purl pkg:deb/debian/runc@1.0.3%2Bds1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.3%252Bds1-1%3Fdistro=trixie
84
url pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mt76-ah1b-s3gc
1
vulnerability VCID-vk37-s4p6-fufm
2
vulnerability VCID-wxsf-mu1t-aqa4
3
vulnerability VCID-x2zb-mehm-ebge
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie
85
url pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie
purl pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-mt76-ah1b-s3gc
1
vulnerability VCID-vk37-s4p6-fufm
2
vulnerability VCID-wxsf-mu1t-aqa4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie
86
url pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie
purl pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie
87
url pkg:ebuild/app-containers/runc@1.1.12
purl pkg:ebuild/app-containers/runc@1.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/runc@1.1.12
88
url pkg:golang/github.com/opencontainers/runc@1.0.3
purl pkg:golang/github.com/opencontainers/runc@1.0.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/runc@1.0.3
Affected_packages
0
url pkg:alpm/archlinux/runc@1.0.2-2
purl pkg:alpm/archlinux/runc@1.0.2-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yvf-q4uj-dbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/runc@1.0.2-2
1
url pkg:deb/debian/runc@0.1.1%2Bdfsg1-1~bpo8%2B1
purl pkg:deb/debian/runc@0.1.1%2Bdfsg1-1~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-165g-hgmx-nybk
1
vulnerability VCID-3m4n-58pj-mkeb
2
vulnerability VCID-3yvf-q4uj-dbdh
3
vulnerability VCID-7juj-78y7-g7b6
4
vulnerability VCID-997v-f2ds-e3e4
5
vulnerability VCID-9mdg-3961-cybf
6
vulnerability VCID-jc1e-8tt4-xqdn
7
vulnerability VCID-seds-dzew-jyfs
8
vulnerability VCID-tsgr-5mwt-jkeh
9
vulnerability VCID-v2ys-xbn5-guh4
10
vulnerability VCID-zex4-9xyf-6yf1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-1~bpo8%252B1
2
url pkg:deb/debian/runc@0.1.1%2Bdfsg1-2%2Bdeb9u1
purl pkg:deb/debian/runc@0.1.1%2Bdfsg1-2%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m4n-58pj-mkeb
1
vulnerability VCID-3yvf-q4uj-dbdh
2
vulnerability VCID-7juj-78y7-g7b6
3
vulnerability VCID-997v-f2ds-e3e4
4
vulnerability VCID-9mdg-3961-cybf
5
vulnerability VCID-jc1e-8tt4-xqdn
6
vulnerability VCID-seds-dzew-jyfs
7
vulnerability VCID-tsgr-5mwt-jkeh
8
vulnerability VCID-v2ys-xbn5-guh4
9
vulnerability VCID-zex4-9xyf-6yf1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-2%252Bdeb9u1
3
url pkg:deb/debian/runc@1.0.0~rc2%2Bgit20161109.131.5137186-2
purl pkg:deb/debian/runc@1.0.0~rc2%2Bgit20161109.131.5137186-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m4n-58pj-mkeb
1
vulnerability VCID-3yvf-q4uj-dbdh
2
vulnerability VCID-7juj-78y7-g7b6
3
vulnerability VCID-997v-f2ds-e3e4
4
vulnerability VCID-9mdg-3961-cybf
5
vulnerability VCID-jc1e-8tt4-xqdn
6
vulnerability VCID-seds-dzew-jyfs
7
vulnerability VCID-tsgr-5mwt-jkeh
8
vulnerability VCID-v2ys-xbn5-guh4
9
vulnerability VCID-zex4-9xyf-6yf1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc2%252Bgit20161109.131.5137186-2
4
url pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-2
purl pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m4n-58pj-mkeb
1
vulnerability VCID-3yvf-q4uj-dbdh
2
vulnerability VCID-997v-f2ds-e3e4
3
vulnerability VCID-9mdg-3961-cybf
4
vulnerability VCID-jc1e-8tt4-xqdn
5
vulnerability VCID-seds-dzew-jyfs
6
vulnerability VCID-tsgr-5mwt-jkeh
7
vulnerability VCID-v2ys-xbn5-guh4
8
vulnerability VCID-zex4-9xyf-6yf1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc6%252Bdfsg1-2
5
url pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-3
purl pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m4n-58pj-mkeb
1
vulnerability VCID-3yvf-q4uj-dbdh
2
vulnerability VCID-997v-f2ds-e3e4
3
vulnerability VCID-9mdg-3961-cybf
4
vulnerability VCID-jc1e-8tt4-xqdn
5
vulnerability VCID-seds-dzew-jyfs
6
vulnerability VCID-tsgr-5mwt-jkeh
7
vulnerability VCID-v2ys-xbn5-guh4
8
vulnerability VCID-zex4-9xyf-6yf1
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc6%252Bdfsg1-3
6
url pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5
purl pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3m4n-58pj-mkeb
1
vulnerability VCID-3yvf-q4uj-dbdh
2
vulnerability VCID-jc1e-8tt4-xqdn
3
vulnerability VCID-seds-dzew-jyfs
4
vulnerability VCID-tsgr-5mwt-jkeh
5
vulnerability VCID-v2ys-xbn5-guh4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5
7
url pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u2
purl pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yvf-q4uj-dbdh
1
vulnerability VCID-jc1e-8tt4-xqdn
2
vulnerability VCID-seds-dzew-jyfs
3
vulnerability VCID-tsgr-5mwt-jkeh
4
vulnerability VCID-v2ys-xbn5-guh4
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u2
8
url pkg:rpm/redhat/container-tools:latest/runc@4:1.1.9-1?arch=el9
purl pkg:rpm/redhat/container-tools:latest/runc@4:1.1.9-1?arch=el9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3yvf-q4uj-dbdh
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/container-tools:latest/runc@4:1.1.9-1%3Farch=el9
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43784.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-43784.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-43784
reference_id
reference_type
scores
0
value 0.00115
scoring_system epss
scoring_elements 0.30027
published_at 2026-04-21T12:55:00Z
1
value 0.00115
scoring_system epss
scoring_elements 0.30072
published_at 2026-04-18T12:55:00Z
2
value 0.00115
scoring_system epss
scoring_elements 0.30093
published_at 2026-04-16T12:55:00Z
3
value 0.00115
scoring_system epss
scoring_elements 0.30078
published_at 2026-04-13T12:55:00Z
4
value 0.00115
scoring_system epss
scoring_elements 0.30175
published_at 2026-04-01T12:55:00Z
5
value 0.00115
scoring_system epss
scoring_elements 0.30128
published_at 2026-04-12T12:55:00Z
6
value 0.00115
scoring_system epss
scoring_elements 0.30171
published_at 2026-04-11T12:55:00Z
7
value 0.00115
scoring_system epss
scoring_elements 0.30168
published_at 2026-04-09T12:55:00Z
8
value 0.00115
scoring_system epss
scoring_elements 0.30132
published_at 2026-04-08T12:55:00Z
9
value 0.00115
scoring_system epss
scoring_elements 0.30073
published_at 2026-04-07T12:55:00Z
10
value 0.00115
scoring_system epss
scoring_elements 0.30255
published_at 2026-04-04T12:55:00Z
11
value 0.00115
scoring_system epss
scoring_elements 0.30206
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-43784
2
reference_url https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://bugs.chromium.org/p/project-zero/issues/detail?id=2241
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43784
4
reference_url https://github.com/opencontainers/runc
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/opencontainers/runc
5
reference_url https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://github.com/opencontainers/runc/commit/9c444070ec7bb83995dbc0185da68284da71c554
6
reference_url https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
7
reference_url https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/opencontainers/runc/commit/dde509df4e28cec33b3c99c6cda3d4fd5beafc77
8
reference_url https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://github.com/opencontainers/runc/commit/f50369af4b571e358f20b139eea52d612eb55eed
9
reference_url https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
10
reference_url https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://lists.debian.org/debian-lts-announce/2021/12/msg00005.html
11
reference_url https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html
reference_id
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:32Z/
url https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-43784
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-43784
13
reference_url https://pkg.go.dev/vuln/GO-2022-0274
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2022-0274
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2029439
reference_id 2029439
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2029439
15
reference_url https://security.archlinux.org/AVG-2599
reference_id AVG-2599
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2599
16
reference_url https://security.gentoo.org/glsa/202408-25
reference_id GLSA-202408-25
reference_type
scores
url https://security.gentoo.org/glsa/202408-25
17
reference_url https://access.redhat.com/errata/RHSA-2023:6380
reference_id RHSA-2023:6380
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6380
18
reference_url https://usn.ubuntu.com/6088-2/
reference_id USN-6088-2
reference_type
scores
url https://usn.ubuntu.com/6088-2/
Weaknesses
0
cwe_id 190
name Integer Overflow or Wraparound
description The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control.
Exploits
Severity_range_score0.1 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-3yvf-q4uj-dbdh