The flaws let attackers abuse masked paths, console bind-mounts, and redirected writes to escape containers and gain host privileges. Three newly disclosed high-severity bugs in the “runc” container ...