Description
The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root)
Remediation
References
https://github.com/Inist-CNRS/ezmaster/blob/master/CHANGELOG.md#ezmaster-5211
https://github.com/Inist-CNRS/ezmaster/pull/51
https://github.com/Inist-CNRS/ezmaster/security/advisories/GHSA-g654-5qjf-g6cx
Related Vulnerabilities
CVE-2016-6797 Vulnerability in maven package org.apache.tomcat:catalina
CVE-2020-13942 Vulnerability in maven package org.apache.unomi:unomi-services
CVE-2018-11615 Vulnerability in npm package mosca
CVE-2014-4611 Vulnerability in maven package net.jpountz.lz4:lz4
CVE-2020-35491 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind