[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-21626":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":25,"aliases":64,"duplicate_of":9,"upstream":67,"downstream":68,"duplicates":137,"related":138,"reserved_at":9,"published_at":221,"modified_at":222,"state":223,"summary":224,"references_raw":232,"kevs":303,"epss":304,"epss_history":307,"metrics":593,"affected":603},"CVE-2024-21626","runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem (\"attack 2\"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run (\"attack 1\"). Variants of attacks 1 and 2 could be also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes (\"attack 3a\" and \"attack 3b\"). runc 1.1.12 includes patches for this issue.",null,[11,19],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-403","Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')","A process does not close sensitive file descriptors before invoking a child process, which allows the child to perform unauthorized I/O operations using those descriptors.","weakness","Draft","Base",[],{"_key":20,"id":20,"name":21,"description":22,"type":15,"status":16,"abstraction":23,"likelihood_of_exploit":9,"capec":24},"CWE-668","Exposure of Resource to Wrong Sphere","The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.","Class",[],[26,35,43],{"_key":27,"name":28,"source":29,"url":30,"maturity":31,"reliability_score":32,"verified":33,"type":9,"platforms":34,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_OPENCONTAINERS_RUNC","Runc","github","https://github.com/opencontainers/runc/issues/2128","poc",0.3,false,[],{"_key":36,"name":37,"source":38,"url":39,"maturity":40,"reliability_score":41,"verified":33,"type":9,"platforms":42,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_C6880B92F847568E","Exploit Reference (packetstormsecurity.com)","reference","http://packetstormsecurity.com/files/176993/runc-1.1.11-File-Descriptor-Leak-Privilege-Escalation.html","unknown",0.2,[],{"_key":44,"name":45,"source":46,"url":47,"maturity":48,"reliability_score":49,"verified":50,"type":51,"platforms":52,"requires_auth":33,"exploitdb":9,"metasploit":53},"MSF_EXPLOIT_LINUX_LOCAL_RUNC_CWD_PRIV_ESC","runc (docker) File Descriptor Leak Privilege Escalation","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/linux/local/runc_cwd_priv_esc.rb","weaponized",1,true,"remote",[],{"fullname":54,"rank":55,"rank_name":56,"post_auth":33,"check":50,"notes":57},"exploit/linux/local/runc_cwd_priv_esc",600,"excellent",{"Stability":58,"SideEffects":60,"Reliability":62},[59],"crash-safe",[61],"artifacts-on-disk",[63],"repeatable-session",[65,66],"GHSA-xr7r-f8xq-vfvv","GO-2024-2491",[],[69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135],{"_key":70},"OPENSUSE-SU-2024:13644-1",{"_key":72},"SUSE-SU-2024:0294-1",{"_key":74},"SUSE-SU-2024:0328-1",{"_key":76},"UBUNTU-CVE-2024-21626",{"_key":78},"USN-6619-1",{"_key":80},"SUSE-SU-2024:0295-1",{"_key":82},"SUSE-SU-2024:0459-1",{"_key":84},"OPENSUSE-SU-2024:13754-1",{"_key":86},"OPENSUSE-SU-2024:14059-1",{"_key":88},"OPENSUSE-SU-2025:0074-1",{"_key":90},"DLA-3735-1",{"_key":92},"DSA-5615-1",{"_key":94},"DEBIAN-CVE-2024-21626",{"_key":96},"RHSA-2024:0645",{"_key":98},"RHSA-2024:0662",{"_key":100},"RHSA-2024:0666",{"_key":102},"RHSA-2024:0670",{"_key":104},"RHSA-2024:0684",{"_key":106},"RHSA-2024:0717",{"_key":108},"RHSA-2024:0752",{"_key":110},"RHSA-2024:0755",{"_key":112},"RHSA-2024:0756",{"_key":114},"RHSA-2024:0757",{"_key":116},"RHSA-2024:0758",{"_key":118},"RHSA-2024:0759",{"_key":120},"RHSA-2024:0760",{"_key":122},"RHSA-2024:0764",{"_key":124},"RHSA-2024:10149",{"_key":126},"RHSA-2024:10520",{"_key":128},"RHSA-2024:10525",{"_key":130},"RHSA-2024:10841",{"_key":132},"RHSA-2024:1270",{"_key":134},"RHSA-2024:0748",{"_key":136},"RHSA-2024:4597",[],[139,140,141,142,143,144,145,146,147,149,151,153,155,157,159,161,163,165,167,169,171,173,175,177,179,181,183,185,187,189,191,193,195,197,199,201,203,205,207,209,211,213,215,217,219],{"_key":70},{"_key":72},{"_key":74},{"_key":80},{"_key":82},{"_key":84},{"_key":86},{"_key":88},{"_key":148},"CGA-2Q9Q-6X5G-C2W7",{"_key":150},"CGA-4WMP-6W9C-3V8Q",{"_key":152},"CGA-54VG-JP34-P35P",{"_key":154},"CGA-5X2H-36HW-9965",{"_key":156},"CGA-64RQ-G7W8-3C7X",{"_key":158},"CGA-65M7-CCR8-4G9J",{"_key":160},"CGA-67FJ-6R3J-P53Q",{"_key":162},"CGA-6PWP-3FF7-889G",{"_key":164},"CGA-6V2J-G2F3-PVGW",{"_key":166},"CGA-7RHP-J5XR-5GQP",{"_key":168},"CGA-8JMH-8CGV-2VXG",{"_key":170},"CGA-9CRF-J5HR-93VM",{"_key":172},"CGA-9HGJ-3V5X-JJCG",{"_key":174},"CGA-C789-Q27J-6MPR",{"_key":176},"CGA-CV79-CG97-9G65",{"_key":178},"CGA-CXH5-6369-99JV",{"_key":180},"CGA-F3CH-6FCJ-R53W",{"_key":182},"CGA-HVMC-H55Q-V8M5",{"_key":184},"CGA-MCQ5-95P2-HJ5C",{"_key":186},"CGA-MFMJ-R5G5-WFFG",{"_key":188},"CGA-MG57-2H9Q-J725",{"_key":190},"CGA-P43V-R7VP-QQHJ",{"_key":192},"CGA-P4MM-JVFH-V2C4",{"_key":194},"CGA-P5C4-P5QH-QJ2R",{"_key":196},"CGA-PQ5M-QV53-GP3F",{"_key":198},"CGA-PXXM-RF97-H5G3",{"_key":200},"CGA-Q742-F852-979G",{"_key":202},"CGA-QC9X-2PQM-HF8V",{"_key":204},"CGA-R3F8-GXP4-G4GX",{"_key":206},"CGA-RCMH-9CVP-HXQX",{"_key":208},"CGA-RJ88-FQR5-5Q68",{"_key":210},"CGA-RP4C-746F-JV9F",{"_key":212},"CGA-VQJJ-C67F-M9XH",{"_key":214},"CGA-W59C-9CGG-524F",{"_key":216},"CGA-WGQP-PMF2-JRJ8",{"_key":218},"CGA-WQX8-C66F-GJ4F",{"_key":220},"CGA-JMJC-PH87-4994","2024-01-31T21:31:14.391Z","2025-05-15T16:02:34.619Z","Modified",{"cisa_kev":33,"cisa_ransomware":33,"cisa_vendor":9,"epss_severity":225,"epss_score":226,"severity":227,"severity_score":228,"severity_version":229,"severity_source":230,"severity_vector":231,"severity_status":223},"low",0.05076,"high",8.6,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",[233,244,251,256,261,265,270,274,278,282,286,290,295,299],{"url":234,"sources":235,"tags":238},"https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv",[230,236,237],"nvd","osv_go",[239,240,241,242,243],"X Refsource CONFIRM","Exploit","Vendor Advisory","WEB","Advisory",{"url":245,"sources":246,"tags":247},"https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf",[230,236,237],[248,249,242,250],"X Refsource MISC","Patch","FIX",{"url":252,"sources":253,"tags":254},"https://github.com/opencontainers/runc/releases/tag/v1.1.12",[230,236,237],[248,255,242],"Release Notes",{"url":257,"sources":258,"tags":259},"http://www.openwall.com/lists/oss-security/2024/02/01/1",[230,236,237],[260,242],"Mailing List",{"url":262,"sources":263,"tags":264},"http://www.openwall.com/lists/oss-security/2024/02/02/3",[230,236,237],[260,242],{"url":39,"sources":266,"tags":267},[230,236,237],[240,268,269,242],"Third Party Advisory","VDB Entry",{"url":271,"sources":272,"tags":273},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL/",[230,236],[260],{"url":275,"sources":276,"tags":277},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J/",[230,236],[],{"url":279,"sources":280,"tags":281},"https://lists.debian.org/debian-lts-announce/2024/02/msg00005.html",[230,236,237],[242],{"url":283,"sources":284,"tags":285},"https://www.vicarius.io/vsociety/posts/leaky-vessels-part-1-cve-2024-21626",[230,236],[],{"url":287,"sources":288,"tags":289},"https://nvd.nist.gov/vuln/detail/CVE-2024-21626",[237],[243],{"url":291,"sources":292,"tags":293},"https://github.com/opencontainers/runc",[237],[294],"PACKAGE",{"url":296,"sources":297,"tags":298},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2NLXNE23Q5ESQUAI22Z7A63JX2WMPJ2J",[237],[242],{"url":300,"sources":301,"tags":302},"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SYMO3BANINS6RGFQFKPRG4FIOJ7GWYTL",[237],[242],[],{"date":305,"score":226,"percentile":306},"2026-06-04",0.89965,[308,312,315,319,322,325,328,331,333,336,339,342,346,349,352,356,359,362,366,369,372,375,377,379,383,387,390,393,397,400,404,408,411,415,418,420,423,427,431,434,437,439,442,444,447,451,454,458,461,463,467,470,474,477,480,483,486,489,492,496,499,502,506,509,513,517,520,523,525,528,531,534,537,541,545,548,551,554,557,560,563,566,569,572,574,576,580,583,586,589],{"date":309,"score":310,"percentile":311},"2025-11-04",0.03475,0.87051,{"date":313,"score":310,"percentile":314},"2025-11-05",0.87053,{"date":316,"score":317,"percentile":318},"2025-11-06",0.03631,0.87319,{"date":320,"score":317,"percentile":321},"2025-11-07",0.87326,{"date":323,"score":317,"percentile":324},"2025-11-08",0.8733,{"date":326,"score":317,"percentile":327},"2025-11-09",0.87325,{"date":329,"score":317,"percentile":330},"2025-11-10",0.87324,{"date":332,"score":317,"percentile":324},"2025-11-11",{"date":334,"score":317,"percentile":335},"2025-11-12",0.87335,{"date":337,"score":317,"percentile":338},"2025-11-13",0.8734,{"date":340,"score":317,"percentile":341},"2025-11-14",0.87343,{"date":343,"score":344,"percentile":345},"2025-11-15",0.03385,0.869,{"date":347,"score":344,"percentile":348},"2025-11-16",0.86902,{"date":350,"score":344,"percentile":351},"2025-11-17",0.86898,{"date":353,"score":354,"percentile":355},"2025-11-18",0.02695,0.84562,{"date":357,"score":354,"percentile":358},"2025-11-19",0.84563,{"date":360,"score":354,"percentile":361},"2025-11-20",0.8457,{"date":363,"score":364,"percentile":365},"2025-11-21",0.03609,0.873,{"date":367,"score":364,"percentile":368},"2025-11-22",0.87295,{"date":370,"score":364,"percentile":371},"2025-11-23",0.87291,{"date":373,"score":364,"percentile":374},"2025-11-24",0.87292,{"date":376,"score":364,"percentile":374},"2025-11-25",{"date":378,"score":364,"percentile":371},"2025-11-26",{"date":380,"score":381,"percentile":382},"2025-11-27",0.04002,0.87945,{"date":384,"score":385,"percentile":386},"2025-11-28",0.04679,0.88852,{"date":388,"score":385,"percentile":389},"2025-11-29",0.88922,{"date":391,"score":385,"percentile":392},"2025-11-30",0.88917,{"date":394,"score":395,"percentile":396},"2025-12-01",0.03269,0.86783,{"date":398,"score":395,"percentile":399},"2025-12-02",0.86786,{"date":401,"score":402,"percentile":403},"2025-12-03",0.03087,0.86384,{"date":405,"score":406,"percentile":407},"2025-12-04",0.03929,0.87883,{"date":409,"score":406,"percentile":410},"2025-12-05",0.87885,{"date":412,"score":413,"percentile":414},"2025-12-06",0.03901,0.87844,{"date":416,"score":413,"percentile":417},"2025-12-07",0.87845,{"date":419,"score":413,"percentile":417},"2025-12-08",{"date":421,"score":413,"percentile":422},"2025-12-09",0.87858,{"date":424,"score":425,"percentile":426},"2025-12-10",0.03827,0.87743,{"date":428,"score":429,"percentile":430},"2025-12-11",0.04532,0.88755,{"date":432,"score":429,"percentile":433},"2025-12-12",0.88758,{"date":435,"score":429,"percentile":436},"2025-12-13",0.8876,{"date":438,"score":429,"percentile":436},"2025-12-14",{"date":440,"score":429,"percentile":441},"2025-12-15",0.88763,{"date":443,"score":429,"percentile":441},"2025-12-16",{"date":445,"score":429,"percentile":446},"2025-12-17",0.88767,{"date":448,"score":449,"percentile":450},"2025-12-18",0.05662,0.90055,{"date":452,"score":449,"percentile":453},"2025-12-19",0.90056,{"date":455,"score":456,"percentile":457},"2025-12-20",0.04848,0.89168,{"date":459,"score":456,"percentile":460},"2025-12-21",0.89176,{"date":462,"score":456,"percentile":460},"2025-12-22",{"date":464,"score":465,"percentile":466},"2025-12-23",0.0509,0.89451,{"date":468,"score":465,"percentile":469},"2025-12-24",0.89457,{"date":471,"score":472,"percentile":473},"2025-12-25",0.05695,0.90116,{"date":475,"score":472,"percentile":476},"2025-12-26",0.90115,{"date":478,"score":472,"percentile":479},"2025-12-27",0.90162,{"date":481,"score":472,"percentile":482},"2025-12-28",0.9011,{"date":484,"score":472,"percentile":485},"2025-12-29",0.90106,{"date":487,"score":472,"percentile":488},"2025-12-30",0.90113,{"date":490,"score":472,"percentile":491},"2025-12-31",0.90122,{"date":493,"score":494,"percentile":495},"2026-01-01",0.04151,0.88382,{"date":497,"score":494,"percentile":498},"2026-01-02",0.88377,{"date":500,"score":494,"percentile":501},"2026-01-03",0.88374,{"date":503,"score":504,"percentile":505},"2026-01-04",0.05362,0.89778,{"date":507,"score":504,"percentile":508},"2026-01-05",0.89775,{"date":510,"score":511,"percentile":512},"2026-01-06",0.05262,0.89662,{"date":514,"score":515,"percentile":516},"2026-01-07",0.04099,0.8825,{"date":518,"score":515,"percentile":519},"2026-01-08",0.88256,{"date":521,"score":515,"percentile":522},"2026-01-09",0.88258,{"date":524,"score":515,"percentile":522},"2026-01-10",{"date":526,"score":515,"percentile":527},"2026-01-11",0.88251,{"date":529,"score":515,"percentile":530},"2026-01-12",0.88249,{"date":532,"score":515,"percentile":533},"2026-01-13",0.88246,{"date":535,"score":515,"percentile":536},"2026-01-14",0.8826,{"date":538,"score":539,"percentile":540},"2026-01-15",0.04442,0.88701,{"date":542,"score":543,"percentile":544},"2026-01-16",0.04096,0.88261,{"date":546,"score":543,"percentile":547},"2026-01-17",0.88262,{"date":549,"score":539,"percentile":550},"2026-01-18",0.88708,{"date":552,"score":539,"percentile":553},"2026-01-19",0.88706,{"date":555,"score":539,"percentile":556},"2026-01-20",0.88709,{"date":558,"score":539,"percentile":559},"2026-01-21",0.88714,{"date":561,"score":539,"percentile":562},"2026-01-22",0.88718,{"date":564,"score":539,"percentile":565},"2026-01-23",0.8873,{"date":567,"score":539,"percentile":568},"2026-01-24",0.88739,{"date":570,"score":539,"percentile":571},"2026-01-25",0.88736,{"date":573,"score":539,"percentile":568},"2026-01-26",{"date":575,"score":539,"percentile":568},"2026-01-27",{"date":577,"score":578,"percentile":579},"2026-01-28",0.04559,0.88898,{"date":581,"score":578,"percentile":582},"2026-01-29",0.88903,{"date":584,"score":578,"percentile":585},"2026-01-30",0.88904,{"date":587,"score":578,"percentile":588},"2026-01-31",0.88899,{"date":590,"score":591,"percentile":592},"2026-02-01",0.03521,0.87393,[594,599,601],{"source":230,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":595,"cvss_v4_0":9},{"baseScore":228,"baseSeverity":596,"vectorString":231,"impactScore":597,"exploitabilityScore":598},"HIGH",10,4.6,{"source":236,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":600,"cvss_v4_0":9},{"baseScore":228,"baseSeverity":596,"vectorString":231,"impactScore":597,"exploitabilityScore":598},{"source":237,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":602,"cvss_v4_0":9},{"baseScore":228,"baseSeverity":9,"vectorString":231,"impactScore":597,"exploitabilityScore":598},[604,612,626,632],{"ecosystem":9,"name":605,"vendor":606,"product":605,"cpe_part":607,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":608},"fedora","fedoraproject","o",[609],{"version":610,"is_range":33,"range_type":611,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"39","cpe",{"ecosystem":613,"name":614,"vendor":615,"product":616,"cpe_part":9,"purl_type":617,"purl_namespace":615,"purl_name":616,"source":9,"versions":618},"Go","github.com/opencontainers/runc","github.com/opencontainers","runc","golang",[619],{"version":620,"is_range":50,"range_type":621,"version_start":622,"version_start_type":623,"version_end":624,"version_end_type":625,"fixed_in":9},"gte1_0_0_rc93_lt1_1_12","semver","1.0.0-rc93","including","1.1.12","excluding",{"ecosystem":9,"name":616,"vendor":627,"product":616,"cpe_part":628,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":629},"linuxfoundation","a",[630],{"version":631,"is_range":50,"range_type":611,"version_start":9,"version_start_type":9,"version_end":624,"version_end_type":625,"fixed_in":9},"lt1.1.12",{"ecosystem":9,"name":616,"vendor":633,"product":616,"cpe_part":628,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":634},"opencontainers",[635],{"version":636,"is_range":50,"range_type":230,"version_start":637,"version_start_type":623,"version_end":624,"version_end_type":625,"fixed_in":9},">=v1.0.0-rc93, \u003C 1.1.12","v1.0.0-rc93"]