VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-vvs4-9r5v-aaap

Essentials
Severities (146)
References (69)
Severity details (53)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-vvs4-9r5v-aaap
Aliases	CVE-2019-16884 GHSA-fgv8-vj5c-2ppq
Summary	runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-863	Incorrect Authorization
CWE-41	Improper Resolution of Path Equivalence

System	Score	Found at
cvssv3.1	7.5	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html
generic_textual	HIGH	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html
cvssv3.1	7.5	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html
generic_textual	HIGH	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html
cvssv3.1	7.5	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html
generic_textual	HIGH	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-16884.html
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2019:3940
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2019:3940
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2019:4074
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2019:4074
cvssv3.1	7.5	https://access.redhat.com/errata/RHSA-2019:4269
generic_textual	HIGH	https://access.redhat.com/errata/RHSA-2019:4269
rhas	Moderate	https://access.redhat.com/errata/RHSA-2020:1234
cvssv3	6.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json
epss	0.00259	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00259	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00259	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00259	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00259	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00268	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00277	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00301	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00395	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
epss	0.00796	https://api.first.org/data/v1/epss?cve=CVE-2019-16884
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884
cvssv3	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.5	https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70
generic_textual	HIGH	https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70
cvssv3.1	3.6	https://github.com/opencontainers/runc
generic_textual	LOW	https://github.com/opencontainers/runc
cvssv3.1	7.5	https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4
generic_textual	HIGH	https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4
cvssv3.1	7.5	https://github.com/opencontainers/runc/issues/2128
generic_textual	HIGH	https://github.com/opencontainers/runc/issues/2128
cvssv3.1	7.5	https://github.com/opencontainers/runc/pull/2129
generic_textual	HIGH	https://github.com/opencontainers/runc/pull/2129
cvssv3.1	7.5	https://github.com/opencontainers/runc/pull/2130
generic_textual	HIGH	https://github.com/opencontainers/runc/pull/2130
cvssv3.1	7.5	https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da
generic_textual	HIGH	https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da
cvssv3.1	7.5	https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html
cvssv3.1	7.0	https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2019-16884
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-16884
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2019-16884
cvssv3.1	7.5	https://pkg.go.dev/vuln/GO-2021-0085
generic_textual	HIGH	https://pkg.go.dev/vuln/GO-2021-0085
cvssv3.1	5.9	https://security.gentoo.org/glsa/202003-21
generic_textual	MODERATE	https://security.gentoo.org/glsa/202003-21
cvssv3.1	7.5	https://security.netapp.com/advisory/ntap-20220221-0004
generic_textual	HIGH	https://security.netapp.com/advisory/ntap-20220221-0004
generic_textual	Medium	https://ubuntu.com/security/notices/USN-4297-1
cvssv3.1	5.9	https://usn.ubuntu.com/4297-1
generic_textual	MODERATE	https://usn.ubuntu.com/4297-1
generic_textual	Medium	https://usn.ubuntu.com/usn/usn-4297-1

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html
		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html
		http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html
		http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-16884.html
		https://access.redhat.com/errata/RHSA-2019:3940
		https://access.redhat.com/errata/RHSA-2019:4074
		https://access.redhat.com/errata/RHSA-2019:4269
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-16884
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70
		https://github.com/opencontainers/runc
		https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4
		https://github.com/opencontainers/runc/issues/2128
		https://github.com/opencontainers/runc/pull/2129
		https://github.com/opencontainers/runc/pull/2130
		https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da
		https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html
		https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/
		https://pkg.go.dev/vuln/GO-2021-0085
		https://security.gentoo.org/glsa/202003-21
		https://security.netapp.com/advisory/ntap-20220221-0004
		https://security.netapp.com/advisory/ntap-20220221-0004/
		https://ubuntu.com/security/notices/USN-4297-1
		https://usn.ubuntu.com/4297-1
		https://usn.ubuntu.com/4297-1/
		https://usn.ubuntu.com/usn/usn-4297-1
942026		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942026
cpe:2.3:a:docker:docker:::::community:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:docker:docker:::::community:::*
cpe:2.3:a:linuxfoundation:runc::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc::::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8::::::
cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*
cpe:2.3:a:redhat:openshift_container_platform:4.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.2:::::::*
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
cpe:2.3:o:fedoraproject:fedora:29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
cpe:2.3:o:fedoraproject:fedora:30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
cpe:2.3:o:fedoraproject:fedora:31:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
cpe:2.3:o:opensuse:leap:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
cpe:2.3:o:opensuse:leap:15.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
CVE-2019-16884		https://nvd.nist.gov/vuln/detail/CVE-2019-16884
RHBA-2020:1232		https://bugzilla.redhat.com/show_bug.cgi?id=1757214
RHSA-2020:1234		https://access.redhat.com/errata/RHSA-2020:1234
USN-USN-4867-1		https://usn.ubuntu.com/USN-4867-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2019:3940

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://access.redhat.com/errata/RHSA-2019:4074

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/errata/RHSA-2019:4269

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Found at https://github.com/opencontainers/runc

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/opencontainers/runc/issues/2128

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/opencontainers/runc/pull/2129

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/opencontainers/runc/pull/2130

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-16884

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-16884

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2019-16884

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://pkg.go.dev/vuln/GO-2021-0085

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U Found at https://security.gentoo.org/glsa/202003-21

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://security.netapp.com/advisory/ntap-20220221-0004

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:U/RC:U Found at https://usn.ubuntu.com/4297-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.49096
EPSS Score	0.00259
Published At	April 27, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

Reference id	Reference type	URL
		http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00073.html
		http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00009.html
		http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00010.html
		http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-16884.html
		https://access.redhat.com/errata/RHSA-2019:3940
		https://access.redhat.com/errata/RHSA-2019:4074
		https://access.redhat.com/errata/RHSA-2019:4269
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16884.json
		https://api.first.org/data/v1/epss?cve=CVE-2019-16884
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/crosbymichael/runc/commit/78dce1cf1ec36bbe7fe6767bdb81f7cbf6d34d70
		https://github.com/opencontainers/runc
		https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4
		https://github.com/opencontainers/runc/issues/2128
		https://github.com/opencontainers/runc/pull/2129
		https://github.com/opencontainers/runc/pull/2130
		https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da
		https://lists.debian.org/debian-lts-announce/2023/02/msg00016.html
		https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62OQ2P7K5YDZ5BRCH2Q6DHUJIHQD3QCD/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DGK6IV5JGVDXHOXEKJOJWKOVNZLT6MYR/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SPK4JWP32BUIVDJ3YODZSOEVEW6BHQCF/
		https://pkg.go.dev/vuln/GO-2021-0085
		https://security.gentoo.org/glsa/202003-21
		https://security.netapp.com/advisory/ntap-20220221-0004
		https://security.netapp.com/advisory/ntap-20220221-0004/
		https://ubuntu.com/security/notices/USN-4297-1
		https://usn.ubuntu.com/4297-1
		https://usn.ubuntu.com/4297-1/
		https://usn.ubuntu.com/usn/usn-4297-1
942026		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942026
cpe:2.3:a:docker:docker:::::community:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:docker:docker:::::community:::*
cpe:2.3:a:linuxfoundation:runc::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc::::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc1::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc2::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc3::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc4::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc5::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc6::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc7::::::
cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:linuxfoundation:runc:1.0.0:rc8::::::
cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.1:::::::*
cpe:2.3:a:redhat:openshift_container_platform:4.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:4.2:::::::*
cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:::::::*
cpe:2.3:o:fedoraproject:fedora:29:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
cpe:2.3:o:fedoraproject:fedora:30:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
cpe:2.3:o:fedoraproject:fedora:31:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
cpe:2.3:o:opensuse:leap:15.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
cpe:2.3:o:opensuse:leap:15.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
CVE-2019-16884		https://nvd.nist.gov/vuln/detail/CVE-2019-16884
RHBA-2020:1232		https://bugzilla.redhat.com/show_bug.cgi?id=1757214
RHSA-2020:1234		https://access.redhat.com/errata/RHSA-2020:1234
USN-USN-4867-1		https://usn.ubuntu.com/USN-4867-1/