Dcos Mesosphere Dcos

stack.watch can email you when security vulnerabilities are reported in Mesosphere Dcos. You can add multiple products that you use with Dcos to create your own personal software stack watcher.

By the Year

In 2021 there have been 0 vulnerabilities in Mesosphere Dcos . Dcos did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 0 0.00
2019 1 8.60
2018 0 0.00

It may take a day or so for new Dcos vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Mesosphere Dcos Security Vulnerabilities

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access

CVE-2019-5736 8.6 - High - February 11, 2019

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. This occurs because of file-descriptor mishandling, related to /proc/self/exe.

CVE-2019-5736 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Containment Errors (Container Errors)