CVE-2018-11757

Summary

In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationDocker Skeleton Runtime for Apache OpenWhiskDocker tag openwhisk/dockerskeleton 1.3.0 (or lower)affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References