‘Leaky Vessels’ Docker Vulnerabilities Found in Many Cloud Environments: RunC (60%) and BuildKit (28%)

Originally published by Orca Security. Written by Roi Nisimi.On January 31st, Snyk unveiled the discovery of four novel container vulnerabilities that target the runC and BuildKit components within Docker container environments. The vulnerabilities were assigned CVEs with CVSS scores ranging from 8.6 to 10: CVE-2024-21626 in runC, and CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653 in BuildKit. While no active exploits have been detected yet, these vulnerabilities pose a significant risk b...

buildkit cloud cloud environments components container cve cve-2024 cves cvss cvss scores discovery docker environments found january leaky vessels novel orca orca security roi runc security snyk target vulnerabilities written