[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2016-9962":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":28,"aliases":29,"duplicate_of":9,"upstream":32,"downstream":33,"duplicates":64,"related":65,"reserved_at":9,"published_at":80,"modified_at":81,"state":82,"summary":83,"references_raw":92,"kevs":207,"epss":208,"epss_history":211,"metrics":484,"affected":496},"CVE-2016-9962","RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container.  This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes during the initialization and can lead to container escapes or modification of runC state before the process is fully placed inside the container.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-362","Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')","The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.","weakness","Draft","Class","Medium",[20,24],{"id":21,"name":22,"techniques":23},"CAPEC-26","Leveraging Race Conditions",[],{"id":25,"name":26,"techniques":27},"CAPEC-29","Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions",[],[],[30,31],"GHSA-gp4j-w3vj-7299","GO-2022-0835",[],[34,36,38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":35},"SUSE-SU-2017:1964-1",{"_key":37},"SUSE-SU-2019:0573-1",{"_key":39},"SUSE-SU-2025:03540-1",{"_key":41},"OPENSUSE-SU-2024:10693-1",{"_key":43},"OPENSUSE-SU-2024:10722-1",{"_key":45},"OPENSUSE-SU-2024:11358-1",{"_key":47},"UBUNTU-CVE-2016-9962",{"_key":49},"SUSE-SU-2025:03545-1",{"_key":51},"OPENSUSE-SU-2025:15424-1",{"_key":53},"OPENSUSE-SU-2025:15589-1",{"_key":55},"MGASA-2017-0189",{"_key":57},"DEBIAN-CVE-2016-9962",{"_key":59},"RHSA-2017:0116",{"_key":61},"RHSA-2017:0123",{"_key":63},"RHSA-2017:0127",[],[66,67,68,69,70,71,72,73,74,75,76,78],{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":77},"CGA-HM4M-CRC5-FC47",{"_key":79},"CGA-4CH3-C2GF-F2PM","2017-01-31T22:00:00.000Z","2024-08-06T03:07:31.309Z","Modified",{"cisa_kev":84,"cisa_ransomware":84,"cisa_vendor":9,"epss_severity":85,"epss_score":86,"severity":87,"severity_score":88,"severity_version":89,"severity_source":90,"severity_vector":91,"severity_status":82},false,"low",0.00077,"medium",6.4,"v3.0","nvd","CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",[93,103,109,114,120,125,130,135,139,145,149,153,157,161,165,170,174,179,183,187,191,195,199,203],{"url":94,"sources":95,"tags":98},"http://www.securityfocus.com/bid/95361",[96,90,97],"cve.org","osv_go",[99,100,101,102],"VDB Entry","X Refsource BID","Third Party Advisory","WEB",{"url":104,"sources":105,"tags":106},"https://github.com/docker/docker/releases/tag/v1.12.6",[96,90,97],[107,108,102],"X Refsource CONFIRM","Vendor Advisory",{"url":110,"sources":111,"tags":112},"http://rhn.redhat.com/errata/RHSA-2017-0116.html",[96,90,97],[108,113,102],"X Refsource REDHAT",{"url":115,"sources":116,"tags":117},"http://seclists.org/fulldisclosure/2017/Jan/29",[96,90,97],[118,119,101,102],"Mailing List","X Refsource FULLDISC",{"url":121,"sources":122,"tags":123},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK/",[96,90],[108,124],"X Refsource FEDORA",{"url":126,"sources":127,"tags":128},"https://bugzilla.suse.com/show_bug.cgi?id=1012568#c6",[96,90,97],[107,129,102],"Issue Tracking",{"url":131,"sources":132,"tags":133},"https://security.gentoo.org/glsa/201701-34",[96,90,97],[108,134,101,102],"X Refsource GENTOO",{"url":136,"sources":137,"tags":138},"http://rhn.redhat.com/errata/RHSA-2017-0123.html",[96,90,97],[108,113,102],{"url":140,"sources":141,"tags":142},"https://github.com/opencontainers/runc/commit/50a19c6ff828c58e5dab13830bd3dacde268afe5",[96,90,97],[107,143,101,102,144],"Patch","FIX",{"url":146,"sources":147,"tags":148},"http://rhn.redhat.com/errata/RHSA-2017-0127.html",[96,90,97],[108,113,102],{"url":150,"sources":151,"tags":152},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR/",[96,90],[108,124],{"url":154,"sources":155,"tags":156},"https://access.redhat.com/security/vulnerabilities/cve-2016-9962",[96,90,97],[107,101,102],{"url":158,"sources":159,"tags":160},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ/",[96,90],[108,124],{"url":162,"sources":163,"tags":164},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP/",[96,90],[108,124],{"url":166,"sources":167,"tags":168},"http://www.securityfocus.com/archive/1/540001/100/0/threaded",[96,90,97],[118,169,102],"X Refsource BUGTRAQ",{"url":171,"sources":172,"tags":173},"http://seclists.org/fulldisclosure/2017/Jan/21",[96,90,97],[118,119,101,102],{"url":175,"sources":176,"tags":177},"https://nvd.nist.gov/vuln/detail/CVE-2016-9962",[97],[178],"Advisory",{"url":180,"sources":181,"tags":182},"https://github.com/opencontainers/runc/commit/5d93fed3d27f1e2bab58bad13b180a7a81d0b378",[97],[102,144],{"url":184,"sources":185,"tags":186},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQAXJMMLRU7DD2IMG47SR2K4BOFFG7FZ",[97],[102],{"url":188,"sources":189,"tags":190},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FINGBFMIXBG6B6ZWYH3TMRP5V3PDBNXR",[97],[102],{"url":192,"sources":193,"tags":194},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UVM7FCOQMPKOFLDTUYSS4ES76DDM56VP",[97],[102],{"url":196,"sources":197,"tags":198},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WUQ3MQNEL5IBZZLMLR72Q4YDCL2SCKRK",[97],[102],{"url":200,"sources":201,"tags":202},"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9962",[97],[102],{"url":204,"sources":205,"tags":206},"https://github.com/advisories/GHSA-gp4j-w3vj-7299",[97],[178],[],{"date":209,"score":86,"percentile":210},"2026-06-04",0.23155,[212,216,219,222,226,229,232,235,238,241,243,246,249,252,255,259,262,265,268,271,274,277,280,283,287,290,293,296,299,302,305,308,311,314,317,320,323,326,329,332,335,338,341,344,347,350,353,356,358,361,364,366,369,372,375,378,381,384,387,390,393,396,399,402,405,408,411,414,417,420,423,426,428,431,434,437,441,444,447,450,453,456,459,462,466,469,472,475,478,481],{"date":213,"score":214,"percentile":215},"2025-11-04",0.00203,0.42549,{"date":217,"score":214,"percentile":218},"2025-11-05",0.42542,{"date":220,"score":214,"percentile":221},"2025-11-06",0.42555,{"date":223,"score":224,"percentile":225},"2025-11-07",0.00187,0.40824,{"date":227,"score":224,"percentile":228},"2025-11-08",0.40814,{"date":230,"score":224,"percentile":231},"2025-11-09",0.40793,{"date":233,"score":224,"percentile":234},"2025-11-10",0.40757,{"date":236,"score":224,"percentile":237},"2025-11-11",0.40774,{"date":239,"score":224,"percentile":240},"2025-11-12",0.40804,{"date":242,"score":224,"percentile":228},"2025-11-13",{"date":244,"score":224,"percentile":245},"2025-11-14",0.40813,{"date":247,"score":224,"percentile":248},"2025-11-15",0.4081,{"date":250,"score":224,"percentile":251},"2025-11-16",0.40795,{"date":253,"score":224,"percentile":254},"2025-11-17",0.40767,{"date":256,"score":257,"percentile":258},"2025-11-18",0.0022,0.40595,{"date":260,"score":257,"percentile":261},"2025-11-19",0.40612,{"date":263,"score":257,"percentile":264},"2025-11-20",0.40621,{"date":266,"score":257,"percentile":267},"2025-11-21",0.44562,{"date":269,"score":257,"percentile":270},"2025-11-22",0.44561,{"date":272,"score":257,"percentile":273},"2025-11-23",0.4454,{"date":275,"score":257,"percentile":276},"2025-11-24",0.44532,{"date":278,"score":257,"percentile":279},"2025-11-25",0.44542,{"date":281,"score":257,"percentile":282},"2025-11-26",0.44543,{"date":284,"score":285,"percentile":286},"2025-11-27",0.00214,0.43952,{"date":288,"score":285,"percentile":289},"2025-11-28",0.4392,{"date":291,"score":285,"percentile":292},"2025-11-29",0.439,{"date":294,"score":285,"percentile":295},"2025-11-30",0.4388,{"date":297,"score":285,"percentile":298},"2025-12-01",0.44016,{"date":300,"score":285,"percentile":301},"2025-12-02",0.44031,{"date":303,"score":285,"percentile":304},"2025-12-03",0.44028,{"date":306,"score":285,"percentile":307},"2025-12-04",0.43886,{"date":309,"score":285,"percentile":310},"2025-12-05",0.4391,{"date":312,"score":285,"percentile":313},"2025-12-06",0.43903,{"date":315,"score":285,"percentile":316},"2025-12-07",0.4389,{"date":318,"score":285,"percentile":319},"2025-12-08",0.43895,{"date":321,"score":285,"percentile":322},"2025-12-09",0.4393,{"date":324,"score":285,"percentile":325},"2025-12-10",0.43999,{"date":327,"score":285,"percentile":328},"2025-12-11",0.44027,{"date":330,"score":285,"percentile":331},"2025-12-12",0.44054,{"date":333,"score":285,"percentile":334},"2025-12-13",0.44033,{"date":336,"score":285,"percentile":337},"2025-12-14",0.44003,{"date":339,"score":285,"percentile":340},"2025-12-15",0.43985,{"date":342,"score":285,"percentile":343},"2025-12-16",0.44008,{"date":345,"score":285,"percentile":346},"2025-12-17",0.4405,{"date":348,"score":285,"percentile":349},"2025-12-18",0.4409,{"date":351,"score":285,"percentile":352},"2025-12-19",0.44108,{"date":354,"score":285,"percentile":355},"2025-12-20",0.44085,{"date":357,"score":285,"percentile":346},"2025-12-21",{"date":359,"score":285,"percentile":360},"2025-12-22",0.44026,{"date":362,"score":285,"percentile":363},"2025-12-23",0.44022,{"date":365,"score":285,"percentile":334},"2025-12-24",{"date":367,"score":285,"percentile":368},"2025-12-25",0.44084,{"date":370,"score":285,"percentile":371},"2025-12-26",0.44065,{"date":373,"score":285,"percentile":374},"2025-12-27",0.44081,{"date":376,"score":285,"percentile":377},"2025-12-28",0.43991,{"date":379,"score":285,"percentile":380},"2025-12-29",0.43972,{"date":382,"score":285,"percentile":383},"2025-12-30",0.43967,{"date":385,"score":285,"percentile":386},"2025-12-31",0.44015,{"date":388,"score":285,"percentile":389},"2026-01-01",0.44157,{"date":391,"score":285,"percentile":392},"2026-01-02",0.44132,{"date":394,"score":285,"percentile":395},"2026-01-03",0.44122,{"date":397,"score":285,"percentile":398},"2026-01-04",0.43957,{"date":400,"score":285,"percentile":401},"2026-01-05",0.43941,{"date":403,"score":285,"percentile":404},"2026-01-06",0.43942,{"date":406,"score":285,"percentile":407},"2026-01-07",0.43964,{"date":409,"score":285,"percentile":410},"2026-01-08",0.4399,{"date":412,"score":285,"percentile":413},"2026-01-09",0.4397,{"date":415,"score":285,"percentile":416},"2026-01-10",0.43968,{"date":418,"score":285,"percentile":419},"2026-01-11",0.43946,{"date":421,"score":285,"percentile":422},"2026-01-12",0.43893,{"date":424,"score":285,"percentile":425},"2026-01-13",0.43868,{"date":427,"score":285,"percentile":289},"2026-01-14",{"date":429,"score":285,"percentile":430},"2026-01-15",0.43916,{"date":432,"score":285,"percentile":433},"2026-01-16",0.43937,{"date":435,"score":285,"percentile":436},"2026-01-17",0.43906,{"date":438,"score":439,"percentile":440},"2026-01-18",0.00102,0.28676,{"date":442,"score":439,"percentile":443},"2026-01-19",0.2864,{"date":445,"score":439,"percentile":446},"2026-01-20",0.28623,{"date":448,"score":439,"percentile":449},"2026-01-21",0.28561,{"date":451,"score":439,"percentile":452},"2026-01-22",0.28534,{"date":454,"score":439,"percentile":455},"2026-01-23",0.2861,{"date":457,"score":439,"percentile":458},"2026-01-24",0.28599,{"date":460,"score":439,"percentile":461},"2026-01-25",0.28521,{"date":463,"score":464,"percentile":465},"2026-01-26",0.00099,0.2802,{"date":467,"score":464,"percentile":468},"2026-01-27",0.27998,{"date":470,"score":464,"percentile":471},"2026-01-28",0.27985,{"date":473,"score":464,"percentile":474},"2026-01-29",0.27936,{"date":476,"score":464,"percentile":477},"2026-01-30",0.27931,{"date":479,"score":464,"percentile":480},"2026-01-31",0.27935,{"date":482,"score":464,"percentile":483},"2026-02-01",0.27994,[485,494],{"source":90,"cvss_v2_0":486,"cvss_v3_0":490,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":487,"baseSeverity":9,"vectorString":488,"impactScore":88,"exploitabilityScore":489},4.4,"AV:L/AC:M/Au:N/C:P/I:P/A:P",3.4,{"baseScore":88,"baseSeverity":491,"vectorString":91,"impactScore":492,"exploitabilityScore":493},"MEDIUM",9.8,1.3,{"source":97,"cvss_v2_0":9,"cvss_v3_0":495,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":88,"baseSeverity":9,"vectorString":91,"impactScore":492,"exploitabilityScore":493},[497,509],{"ecosystem":9,"name":498,"vendor":498,"product":498,"cpe_part":499,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":500},"docker","a",[501],{"version":502,"is_range":503,"range_type":504,"version_start":505,"version_start_type":506,"version_end":507,"version_end_type":508,"fixed_in":9},"gte1.11.0_lt1.12.6",true,"cpe","1.11.0","including","1.12.6","excluding",{"ecosystem":510,"name":511,"vendor":512,"product":513,"cpe_part":9,"purl_type":514,"purl_namespace":512,"purl_name":513,"source":9,"versions":515},"Go","github.com/opencontainers/runc","github.com/opencontainers","runc","golang",[516],{"version":517,"is_range":503,"range_type":518,"version_start":9,"version_start_type":9,"version_end":519,"version_end_type":508,"fixed_in":9},"lt1_0_0_rc3","semver","1.0.0-rc3"]