CVE-2016-0761

EUVD-2016-0780
Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
cloudfoundrygarden_linux
𝑥
≤ 0.332.0
pivotal_softwarecloud_foundry_elastic_runtime
1.6.0
pivotal_softwarecloud_foundry_elastic_runtime
1.6.1
pivotal_softwarecloud_foundry_elastic_runtime
1.6.2
pivotal_softwarecloud_foundry_elastic_runtime
1.6.3
pivotal_softwarecloud_foundry_elastic_runtime
1.6.4
pivotal_softwarecloud_foundry_elastic_runtime
1.6.5
pivotal_softwarecloud_foundry_elastic_runtime
1.6.6
pivotal_softwarecloud_foundry_elastic_runtime
1.6.7
pivotal_softwarecloud_foundry_elastic_runtime
1.6.8
pivotal_softwarecloud_foundry_elastic_runtime
1.6.9
pivotal_softwarecloud_foundry_elastic_runtime
1.6.10
pivotal_softwarecloud_foundry_elastic_runtime
1.6.11
pivotal_softwarecloud_foundry_elastic_runtime
1.6.12
pivotal_softwarecloud_foundry_elastic_runtime
1.6.13
pivotal_softwarecloud_foundry_elastic_runtime
1.6.14
pivotal_softwarecloud_foundry_elastic_runtime
1.6.15
pivotal_softwarecloud_foundry_elastic_runtime
1.6.16
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://pivotal.io/security/cve-2016-0761
https://pivotal.io/security/cve-2016-0761