What the vulnerability does

01Description

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Key dates

02Disclosure timeline

October 6, 2021 CVE published
August 3, 2024 Record updated