Docker Skeleton Runtime for Apache OpenWhisk: User Function Replacement Vulnerability

Docker Skeleton Runtime for Apache OpenWhisk: User Function Replacement Vulnerability

CVE-2018-11757 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

Learn more about our Cis Benchmark Audit For Apache Http Server.