{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T19:06:18.471","vulnerabilities":[{"cve":{"id":"CVE-2019-0204","sourceIdentifier":"security@apache.org","published":"2019-03-25T22:29:00.730","lastModified":"2024-11-21T04:16:28.980","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A specifically crafted Docker image running under the root user can overwrite the init helper binary of the container runtime and/or the command executor in Apache Mesos versions pre-1.4.x, 1.4.0 to 1.4.2, 1.5.0 to 1.5.2, 1.6.0 to 1.6.1, and 1.7.0 to 1.7.1. A malicious actor can therefore gain root-level code execution on the host."},{"lang":"es","value":"Una imagen Docker especialmente manipulada que se ejecuta bajo un usuario root puede sobrescribir el binario init helper del tiempo de ejecución del contenedor y/o del ejecutor de comandos en Apache Mesos, en versiones pre-1.4.x, de 1.4.0 a 1.4.2, de 1.5.0 a 1.5.2, de 1.6.0 a 1.6.1 y de 1.7.0 a 1.7.1. Un actor malicioso puede, por lo tanto, lograr la ejecución de código de nivel root en el host."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*","versionStartIncluding":"1.4.0","versionEndExcluding":"1.4.3","matchCriteriaId":"CA0695E0-954A-4533-9D93-58257E9EA6D5"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*","versionStartIncluding":"1.5.0","versionEndExcluding":"1.5.3","matchCriteriaId":"B51B8DF0-FCE4-42A7-A582-0476226C6188"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6.0","versionEndExcluding":"1.6.2","matchCriteriaId":"01878119-E05A-469B-B49D-5D19082CED28"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mesos:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.7.2","matchCriteriaId":"1AB1BB7C-46A1-4676-9D15-D75EC1E4594C"},{"vulnerable":true,"criteria":"cpe:2.3:a:apache:mesos:1.8.0:dev:*:*:*:*:*:*","matchCriteriaId":"E5262F5B-F30B-42AF-9D48-77041AC709AB"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:redhat:fuse:7.5.0:*:*:*:*:*:*:*","matchCriteriaId":"ECF2CBAC-69B9-41A5-9999-6C07090A6204"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/107605","source":"security@apache.org","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3892","source":"security@apache.org","tags":["Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E","source":"security@apache.org"},{"url":"http://www.securityfocus.com/bid/107605","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://access.redhat.com/errata/RHSA-2019:3892","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://lists.apache.org/thread.html/b162dd624dc088cd634292f0402282a1d1d0ce853baeae8205bc033c%40%3Cdev.mesos.apache.org%3E","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}