{"id":"CVE-2021-30465","details":"runc before 1.0.0-rc95 allows a Container Filesystem Breakout via Directory Traversal. To exploit the vulnerability, an attacker must be able to create multiple containers with a fairly specific mount configuration. The problem occurs via a symlink-exchange attack that relies on a race condition.","aliases":["GHSA-c3xm-pvg7-gh7r","GO-2022-0914"],"modified":"2026-04-16T00:05:33.017079644Z","published":"2021-05-27T13:15:08.077Z","related":["ALSA-2021:2291","ALSA-2021:2370","ALSA-2021:2371","CGA-qqf4-pjrx-g369","GHSA-c3xm-pvg7-gh7r","SUSE-SU-2021:1885-1","SUSE-SU-2021:1954-1","SUSE-SU-2021:3336-1","SUSE-SU-2021:3506-1","openSUSE-SU-2021:0878-1","openSUSE-SU-2021:1404-1","openSUSE-SU-2021:1954-1","openSUSE-SU-2021:3506-1","openSUSE-SU-2024:11358-1","openSUSE-SU-2025:15424-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV/"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2021/05/19/2"},{"type":"ADVISORY","url":"https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f"},{"type":"ADVISORY","url":"https://github.com/opencontainers/runc/releases"},{"type":"ADVISORY","url":"https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202107-26"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20210708-0003/"},{"type":"REPORT","url":"https://bugzilla.opensuse.org/show_bug.cgi?id=1185405"},{"type":"FIX","url":"https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f"},{"type":"FIX","url":"https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2021/05/19/2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/opencontainers/runc","events":[{"introduced":"0"},{"fixed":"0ca91f44f1664da834bc61115a849b56d22f595f"}]}],"versions":["v0.0.1","v0.0.2","v0.0.3","v0.0.4","v0.0.5","v0.0.6","v0.0.7","v0.0.8","v0.0.9","v0.1.0","v0.1.1","v1.0.0-rc1","v1.0.0-rc10","v1.0.0-rc2","v1.0.0-rc3","v1.0.0-rc4","v1.0.0-rc5","v1.0.0-rc6","v1.0.0-rc7","v1.0.0-rc8","v1.0.0-rc9","v1.0.0-rc90","v1.0.0-rc91","v1.0.0-rc92","v1.0.0-rc93","v1.0.0-rc94"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-30465.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}]}