Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Hotdog Container Escape
Vulnerability Description
Incomplete fix for CVE-2021-3101. Hotdog, prior to v1.0.2, did not mimic the resource limits, device restrictions, or syscall filters of the target JVM process. This would allow a container to exhaust the resources of the host, modify devices, or make syscalls that would otherwise be blocked.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
带着不必要的权限执行
Vulnerability Title
Hotdog 安全漏洞
Vulnerability Description
Hotdog是一组 OCI 挂钩。用于将 Log4j Hot Patch 注入容器。 Hotdog v1.0.2之前版本存在安全漏洞,该漏洞源于应用没有有效进行目标 JVM 进程的资源限制、设备限制或系统调用过滤器。攻击者利用该漏洞可以实现容器耗尽主机资源、修改设备或进行系统调用。
CVSS Information
N/A
Vulnerability Type
N/A