[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-29162":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":131,"aliases":132,"duplicate_of":9,"upstream":135,"downstream":136,"duplicates":167,"related":168,"reserved_at":9,"published_at":184,"modified_at":185,"state":186,"summary":187,"references_raw":196,"kevs":256,"epss":257,"epss_history":260,"metrics":520,"affected":538},"CVE-2022-29162","runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. A bug was found in runc prior to version 1.1.2 where `runc exec --cap` created processes with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capabilities to elevate those capabilities to the permitted set during execve(2). This bug did not affect the container security sandbox as the inheritable set never contained more capabilities than were included in the container's bounding set. This bug has been fixed in runc 1.1.2. This fix changes `runc exec --cap` behavior such that the additional capabilities granted to the process being executed (as specified via `--cap` arguments) do not include inheritable capabilities. In addition, `runc spec` is changed to not set any inheritable capabilities in the created example OCI spec (`config.json`) file.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-276","Incorrect Default Permissions","During installation, installed file permissions are set to allow anyone to modify those files.","weakness","Draft","Base","Medium",[20,68,127],{"id":21,"name":22,"techniques":23},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[24],{"id":25,"name":26,"tactics":27,"countermeasures":43},"T1574.010","Services File Permissions Weakness",[28,31,34,37,40],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",{"id":35,"name":36},"TA0030","Defense Evasion",{"id":38,"name":39},"TA0005","Stealth",{"id":41,"name":42},"TA0104","Execution",[44,49,53,58,63],{"id":45,"name":46,"tactic":47},"D3-SWI","Software Inventory",{"name":48},"Model",{"id":50,"name":51,"tactic":52},"D3-AVE","Asset Vulnerability Enumeration",{"name":48},{"id":54,"name":55,"tactic":56},"D3-SBV","Service Binary Verification",{"name":57},"Detect",{"id":59,"name":60,"tactic":61},"D3-SU","Software Update",{"name":62},"Harden",{"id":64,"name":65,"tactic":66},"D3-RS","Restore Software",{"name":67},"Restore",{"id":69,"name":70,"techniques":71},"CAPEC-127","Directory Indexing",[72],{"id":73,"name":74,"tactics":75,"countermeasures":79},"T1083","File and Directory Discovery",[76],{"id":77,"name":78},"TA0102","Discovery",[80,84,88,93,98,102,106,111,115,119,123],{"id":81,"name":82,"tactic":83},"D3-FA","File Analysis",{"name":57},{"id":85,"name":86,"tactic":87},"D3-FIM","File Integrity Monitoring",{"name":57},{"id":89,"name":90,"tactic":91},"D3-FEV","File Eviction",{"name":92},"Evict",{"id":94,"name":95,"tactic":96},"D3-DF","Decoy File",{"name":97},"Deceive",{"id":99,"name":100,"tactic":101},"D3-FE","File Encryption",{"name":62},{"id":103,"name":104,"tactic":105},"D3-RF","Restore File",{"name":67},{"id":107,"name":108,"tactic":109},"D3-LFP","Local File Permissions",{"name":110},"Isolate",{"id":112,"name":113,"tactic":114},"D3-CF","Content Filtering",{"name":110},{"id":116,"name":117,"tactic":118},"D3-RFAM","Remote File Access Mediation",{"name":110},{"id":120,"name":121,"tactic":122},"D3-CQ","Content Quarantine",{"name":110},{"id":124,"name":125,"tactic":126},"D3-CM","Content Modification",{"name":110},{"id":128,"name":129,"techniques":130},"CAPEC-81","Web Server Logs Tampering",[],[],[133,134],"GHSA-f3fp-gc8g-vw66","GO-2022-0452",[],[137,139,141,143,145,147,149,151,153,155,157,159,161,163,165],{"_key":138},"RHSA-2022:8090",{"_key":140},"SUSE-SU-2022:2165-1",{"_key":142},"UBUNTU-CVE-2022-29162",{"_key":144},"SUSE-SU-2022:2341-1",{"_key":146},"SUSE-SU-2022:3321-1",{"_key":148},"SUSE-SU-2022:3333-1",{"_key":150},"OPENSUSE-SU-2024:12074-1",{"_key":152},"DLA-3369-1",{"_key":154},"OPENSUSE-SU-2025:15424-1",{"_key":156},"MGASA-2022-0192",{"_key":158},"DEBIAN-CVE-2022-29162",{"_key":160},"USN-6088-2",{"_key":162},"RHSA-2022:5068",{"_key":164},"RHSA-2022:7457",{"_key":166},"RHSA-2022:7469",[],[169,170,172,173,174,175,176,177,178,180,182],{"_key":140},{"_key":171},"CVE-2025-27612",{"_key":144},{"_key":146},{"_key":148},{"_key":150},{"_key":154},{"_key":156},{"_key":179},"CGA-M9G7-XVF3-J5VF",{"_key":181},"CGA-WQW9-3QXR-W572",{"_key":183},"CGA-PPFH-23G2-WQV3","2022-05-17T00:00:00.000Z","2025-04-23T18:25:42.249Z","Modified",{"cisa_kev":188,"cisa_ransomware":188,"cisa_vendor":9,"epss_severity":189,"epss_score":190,"severity":191,"severity_score":192,"severity_version":193,"severity_source":194,"severity_vector":195,"severity_status":186},false,"low",0.00127,"high",7.8,"v3.1","nvd","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[197,206,212,217,222,226,230,235,239,243,247,251],{"url":198,"sources":199,"tags":202},"https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66",[200,194,201],"cve.org","osv_go",[203,204,205],"Third Party Advisory","WEB","Advisory",{"url":207,"sources":208,"tags":209},"https://github.com/opencontainers/runc/commit/d04de3a9b72d7a2455c1885fc75eb36d02cd17b5",[200,194,201],[210,203,204,211],"Patch","FIX",{"url":213,"sources":214,"tags":215},"https://github.com/opencontainers/runc/releases/tag/v1.1.2",[200,194,201],[216,203,204],"Release Notes",{"url":218,"sources":219,"tags":220},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND/",[200,194],[221],"Vendor Advisory",{"url":223,"sources":224,"tags":225},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y/",[200,194],[221],{"url":227,"sources":228,"tags":229},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB/",[200,194],[221],{"url":231,"sources":232,"tags":233},"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html",[200,194,201],[234,204],"Mailing List",{"url":236,"sources":237,"tags":238},"https://nvd.nist.gov/vuln/detail/CVE-2022-29162",[201],[205],{"url":240,"sources":241,"tags":242},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVPZBV7ISA7QKRPTC7ZXWKMIQI2HZEBB",[201],[204],{"url":244,"sources":245,"tags":246},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D77CKD3AXPMU4PMQIQI5Q74SI4JATNND",[201],[204],{"url":248,"sources":249,"tags":250},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GPQU4YC4AAY54JDXGDQHJEYKSXXG5T2Y",[201],[204],{"url":252,"sources":253,"tags":254},"github.com/opencontainers/runc",[201],[255],"PACKAGE",[],{"date":258,"score":190,"percentile":259},"2026-06-04",0.31487,[261,265,268,271,274,277,280,283,286,289,292,295,298,300,303,307,310,313,315,318,320,323,326,329,332,335,338,341,344,347,350,353,355,357,360,363,366,369,372,375,378,381,384,386,389,392,395,398,400,402,404,406,409,411,414,417,420,423,426,429,432,435,438,441,444,447,450,453,455,458,461,464,467,470,472,475,478,481,484,487,490,493,496,499,502,505,508,511,514,517],{"date":262,"score":263,"percentile":264},"2025-11-04",0.00138,0.34349,{"date":266,"score":263,"percentile":267},"2025-11-05",0.34336,{"date":269,"score":263,"percentile":270},"2025-11-06",0.34337,{"date":272,"score":263,"percentile":273},"2025-11-07",0.34355,{"date":275,"score":263,"percentile":276},"2025-11-08",0.34348,{"date":278,"score":263,"percentile":279},"2025-11-09",0.3433,{"date":281,"score":263,"percentile":282},"2025-11-10",0.3428,{"date":284,"score":263,"percentile":285},"2025-11-11",0.34307,{"date":287,"score":263,"percentile":288},"2025-11-12",0.34353,{"date":290,"score":263,"percentile":291},"2025-11-13",0.34371,{"date":293,"score":263,"percentile":294},"2025-11-14",0.34376,{"date":296,"score":263,"percentile":297},"2025-11-15",0.34374,{"date":299,"score":263,"percentile":276},"2025-11-16",{"date":301,"score":263,"percentile":302},"2025-11-17",0.34323,{"date":304,"score":305,"percentile":306},"2025-11-18",0.00111,0.25178,{"date":308,"score":305,"percentile":309},"2025-11-19",0.25202,{"date":311,"score":305,"percentile":312},"2025-11-20",0.25211,{"date":314,"score":263,"percentile":273},"2025-11-21",{"date":316,"score":263,"percentile":317},"2025-11-22",0.34357,{"date":319,"score":263,"percentile":302},"2025-11-23",{"date":321,"score":263,"percentile":322},"2025-11-24",0.34298,{"date":324,"score":263,"percentile":325},"2025-11-25",0.34294,{"date":327,"score":263,"percentile":328},"2025-11-26",0.34292,{"date":330,"score":263,"percentile":331},"2025-11-27",0.34302,{"date":333,"score":263,"percentile":334},"2025-11-28",0.34283,{"date":336,"score":263,"percentile":337},"2025-11-29",0.34266,{"date":339,"score":263,"percentile":340},"2025-11-30",0.34245,{"date":342,"score":263,"percentile":343},"2025-12-01",0.34347,{"date":345,"score":263,"percentile":346},"2025-12-02",0.34361,{"date":348,"score":263,"percentile":349},"2025-12-03",0.34359,{"date":351,"score":263,"percentile":352},"2025-12-04",0.34251,{"date":354,"score":263,"percentile":334},"2025-12-05",{"date":356,"score":263,"percentile":334},"2025-12-06",{"date":358,"score":263,"percentile":359},"2025-12-07",0.3426,{"date":361,"score":263,"percentile":362},"2025-12-08",0.34271,{"date":364,"score":263,"percentile":365},"2025-12-09",0.34313,{"date":367,"score":263,"percentile":368},"2025-12-10",0.34364,{"date":370,"score":263,"percentile":371},"2025-12-11",0.34386,{"date":373,"score":263,"percentile":374},"2025-12-12",0.34413,{"date":376,"score":263,"percentile":377},"2025-12-13",0.34395,{"date":379,"score":263,"percentile":380},"2025-12-14",0.34368,{"date":382,"score":263,"percentile":383},"2025-12-15",0.34327,{"date":385,"score":263,"percentile":288},"2025-12-16",{"date":387,"score":263,"percentile":388},"2025-12-17",0.34404,{"date":390,"score":263,"percentile":391},"2025-12-18",0.34452,{"date":393,"score":263,"percentile":394},"2025-12-19",0.34474,{"date":396,"score":263,"percentile":397},"2025-12-20",0.34458,{"date":399,"score":263,"percentile":388},"2025-12-21",{"date":401,"score":263,"percentile":297},"2025-12-22",{"date":403,"score":263,"percentile":380},"2025-12-23",{"date":405,"score":263,"percentile":346},"2025-12-24",{"date":407,"score":263,"percentile":408},"2025-12-25",0.34426,{"date":410,"score":263,"percentile":388},"2025-12-26",{"date":412,"score":263,"percentile":413},"2025-12-27",0.3442,{"date":415,"score":263,"percentile":416},"2025-12-28",0.34317,{"date":418,"score":263,"percentile":419},"2025-12-29",0.34284,{"date":421,"score":263,"percentile":422},"2025-12-30",0.34274,{"date":424,"score":263,"percentile":425},"2025-12-31",0.34325,{"date":427,"score":263,"percentile":428},"2026-01-01",0.34478,{"date":430,"score":263,"percentile":431},"2026-01-02",0.3447,{"date":433,"score":263,"percentile":434},"2026-01-03",0.34456,{"date":436,"score":263,"percentile":437},"2026-01-04",0.34309,{"date":439,"score":263,"percentile":440},"2026-01-05",0.3429,{"date":442,"score":263,"percentile":443},"2026-01-06",0.34301,{"date":445,"score":263,"percentile":446},"2026-01-07",0.34316,{"date":448,"score":263,"percentile":449},"2026-01-08",0.34343,{"date":451,"score":263,"percentile":452},"2026-01-09",0.3434,{"date":454,"score":263,"percentile":449},"2026-01-10",{"date":456,"score":263,"percentile":457},"2026-01-11",0.34322,{"date":459,"score":263,"percentile":460},"2026-01-12",0.34256,{"date":462,"score":263,"percentile":463},"2026-01-13",0.34244,{"date":465,"score":263,"percentile":466},"2026-01-14",0.34282,{"date":468,"score":263,"percentile":469},"2026-01-15",0.34273,{"date":471,"score":263,"percentile":325},"2026-01-16",{"date":473,"score":263,"percentile":474},"2026-01-17",0.34279,{"date":476,"score":263,"percentile":477},"2026-01-18",0.34222,{"date":479,"score":263,"percentile":480},"2026-01-19",0.34186,{"date":482,"score":263,"percentile":483},"2026-01-20",0.34169,{"date":485,"score":263,"percentile":486},"2026-01-21",0.34135,{"date":488,"score":263,"percentile":489},"2026-01-22",0.34112,{"date":491,"score":263,"percentile":492},"2026-01-23",0.34172,{"date":494,"score":263,"percentile":495},"2026-01-24",0.34181,{"date":497,"score":263,"percentile":498},"2026-01-25",0.34123,{"date":500,"score":263,"percentile":501},"2026-01-26",0.34033,{"date":503,"score":263,"percentile":504},"2026-01-27",0.34026,{"date":506,"score":263,"percentile":507},"2026-01-28",0.34004,{"date":509,"score":190,"percentile":510},"2026-01-29",0.32378,{"date":512,"score":190,"percentile":513},"2026-01-30",0.3237,{"date":515,"score":190,"percentile":516},"2026-01-31",0.3238,{"date":518,"score":190,"percentile":519},"2026-02-01",0.32473,[521,528,536],{"source":200,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":522,"cvss_v4_0":9},{"baseScore":523,"baseSeverity":524,"vectorString":525,"impactScore":526,"exploitabilityScore":527},5.9,"MEDIUM","CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",5.7,6.4,{"source":194,"cvss_v2_0":529,"cvss_v3_0":9,"cvss_v3_1":533,"cvss_v4_0":9},{"baseScore":530,"baseSeverity":9,"vectorString":531,"impactScore":527,"exploitabilityScore":532},4.6,"AV:L/AC:L/Au:N/C:P/I:P/A:P",3.9,{"baseScore":192,"baseSeverity":534,"vectorString":195,"impactScore":535,"exploitabilityScore":530},"HIGH",9.8,{"source":201,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":537,"cvss_v4_0":9},{"baseScore":523,"baseSeverity":9,"vectorString":525,"impactScore":526,"exploitabilityScore":527},[539,551,563,569],{"ecosystem":9,"name":540,"vendor":541,"product":540,"cpe_part":542,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":543},"fedora","fedoraproject","o",[544,547,549],{"version":545,"is_range":188,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"34","cpe",{"version":548,"is_range":188,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"35",{"version":550,"is_range":188,"range_type":546,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"36",{"ecosystem":552,"name":252,"vendor":553,"product":554,"cpe_part":9,"purl_type":555,"purl_namespace":553,"purl_name":554,"source":9,"versions":556},"Go","github.com/opencontainers","runc","golang",[557],{"version":558,"is_range":559,"range_type":560,"version_start":9,"version_start_type":9,"version_end":561,"version_end_type":562,"fixed_in":9},"lt1_1_2",true,"semver","1.1.2","excluding",{"ecosystem":9,"name":554,"vendor":564,"product":554,"cpe_part":565,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":566},"linuxfoundation","a",[567],{"version":568,"is_range":559,"range_type":546,"version_start":9,"version_start_type":9,"version_end":561,"version_end_type":562,"fixed_in":9},"lt1.1.2",{"ecosystem":9,"name":554,"vendor":570,"product":554,"cpe_part":565,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":571},"opencontainers",[572],{"version":573,"is_range":559,"range_type":200,"version_start":9,"version_start_type":9,"version_end":561,"version_end_type":562,"fixed_in":9},"\u003C 1.1.2"]