IT之家11 月 10 日消息，科技媒体 bleepingcomputer 昨日（11 月 9 日）发布博文，报道称容器核心组件 runC 近日披露三项高危漏洞（CVE-2025-31133 等），影响 Docker、Kubernetes 等主流平台。 IT之家注：runC 是一个轻量级的命令行工具，是容器技术的“发动机”。它根据开放容器标准（OCI）来负责创建和运行容器，是 Docker、Kub ...

此次 runC 漏洞的曝光，再次警示我们，在拥抱云原生技术的同时，必须高度重视容器安全。 容器逃逸漏洞的出现，不仅威胁到单个容器的安全性，更可能影响到整个宿主机乃至云环境的稳定和安全。 随着云原生技术的不断发展，容器安全将成为一个长期而艰巨的挑战。 开发者和运维人员需要不断学习和掌握最新的安全技术，及时更新和维护系统，并采取有效的安全措施，才能确保云原生环境的安全可靠运行。

runC是容器技术的核心组件，作为一个轻量级的命令行工具，它负责根据开放容器标准（OCI）创建和运行容器。因此，runC的安全性直接影响到Docker和Kubernetes等更高级工具的安全性。此次漏洞的曝光意味着，许多云原生环境将面临严峻的安全挑战。

Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to ...

As Kelsey Hightower, Google Cloud Platform staff developer advocate and best-known teacher of all things Kubernetes, tweeted: "Docker != Containers. There are container images. Docker can build them.

Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. Despite this low adoption, the hype is for good reason, as containers can make a significant ...

Before deploying any container-based applications, it’s crucial to first protect its security by ensuring a Docker, Kubernetes, or other container firewall is in place. There are two ways to implement ...

If you’ve kept up with the latest trends in software development, there are two terms you’ve undoubtedly encountered again and again: Docker and Kubernetes, which are essentially shorthand for ...

Unless you live under a rock, you know that Docker’s valuation is over $1B and the Docker brand is one of the most talked about brands in all of technology. Docker is known as the defacto standard for ...

The other big name from the world of containers that you’ve almost certainly heard is Docker. Docker wasn’t the first container engine but in many ways it has come to define containerization. Much of ...