Tag - CVE-2016-9962

How CVE-2018-19039 Affects Percona Monitoring and Management

CVE-2018-19039

Grafana Labs has released an important security update, and as you’re aware PMM uses Grafana internally. You’re probably curious whether this issue affects you.  CVE-2018-19039 “File Exfiltration vulnerability Security fix” covers a recently discovered security flaw that allows any Grafana user with Editor or Admin permissions to have read access to the filesystem, performed with the […]

Read more

Docker Security Vulnerability CVE-2016-9962

CVE-2018-19039

Docker 1.12.6 was released to address CVE-2016-9962. CVE-2016-9962 is a serious vulnerability with RunC.
Quoting the coreos page (linked above):
“RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new processes […]

Read more