{"id":"CVE-2016-0761","details":"Cloud Foundry Garden-Linux versions prior to v0.333.0 and Elastic Runtime 1.6.x version prior to 1.6.17 contain a flaw in managing container files during Docker image preparation that could be used to delete, corrupt or overwrite host files and directories, including other container filesystems on the host.","modified":"2026-04-11T12:00:10.304932Z","published":"2017-05-25T17:29:00.490Z","database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"0.332.0"}],"cpe":"cpe:2.3:a:cloudfoundry:garden_linux:*:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.10"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.10:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.11"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.11:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.12"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.12:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.13"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.13:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.14"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.14:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.15"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.15:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.16"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.16:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.6"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.6:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.7"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.7:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.8"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.8:*:*:*:*:*:*:*"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"1.6.9"}],"cpe":"cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.9:*:*:*:*:*:*:*"}]},"references":[{"type":"ADVISORY","url":"https://pivotal.io/security/cve-2016-0761"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cloudfoundry/uaa","events":[{"introduced":"0"},{"last_affected":"ae59bf11fec166fd075b1dbead2ae16effa57e3f"},{"last_affected":"96b1fc8e3a982b6f478e363f3919a4a16e0a6a92"},{"last_affected":"58caa488fe3cc30f745b9f5079c42141d606436b"},{"last_affected":"e0080f861db5b30c0793973e5c4fff7153040ecb"},{"last_affected":"bb75c2730c921667652b4589d67bec2246b1f306"},{"last_affected":"cde7ba5da9b64cb45bd64c61c6fb2899bbc3e0f2"}],"database_specific":{"source":"CPE_FIELD","extracted_events":[{"introduced":"0"},{"last_affected":"1.6.0"},{"last_affected":"1.6.1"},{"last_affected":"1.6.2"},{"last_affected":"1.6.3"},{"last_affected":"1.6.4"},{"last_affected":"1.6.5"}],"cpe":["cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.0:*:*:*:*:*:*:*","cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.1:*:*:*:*:*:*:*","cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.2:*:*:*:*:*:*:*","cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.3:*:*:*:*:*:*:*","cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.4:*:*:*:*:*:*:*","cpe:2.3:a:pivotal_software:cloud_foundry_elastic_runtime:1.6.5:*:*:*:*:*:*:*"]}}],"versions":["1.0.1","1.0.3","1.1","1.1.1","1.1.2","1.2.0","1.2.6","1.4.0","1.4.1","1.4.2","1.4.3","1.4.5","1.4.6","1.4.7","1.5.0","1.5.2","1.5.2.1","1.5.3","1.5.4","1.5.4.1","1.6.0","1.6.1","1.6.2","1.6.3","1.6.4","1.6.5"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-0761.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}