Description
The admin sys mode is now conditional and dedicated for the special case. By default, since ezmaster@5.2.11 no instance (container) is launched with advanced capabilities (not launched as root)
Remediation
References
https://github.com/Inist-CNRS/ezmaster/pull/51
https://github.com/Inist-CNRS/ezmaster/security/advisories/GHSA-g654-5qjf-g6cx
https://github.com/Inist-CNRS/ezmaster/blob/master/CHANGELOG.md#ezmaster-5211
Related Vulnerabilities
CVE-2021-31522 Vulnerability in maven package org.apache.kylin:kylin-server-base
CVE-2020-26939 Vulnerability in maven package org.bouncycastle:bcprov-jdk15on
CVE-2019-3772 Vulnerability in maven package org.springframework.integration:spring-integration-ws
CVE-2021-3223 Vulnerability in npm package node-red-dashboard
CVE-2019-10773 Vulnerability in maven package org.webjars.npm:yarn