Company:
Date Published:
Author: Rory McNamara
Word count: 1114
Language: English
Hacker News points: 3

Summary

The runc process.cwd and leaked fds container breakout vulnerability (CVE-2024-21626) affects all versions of runc <=1.1.11, which is used by Docker engine and other containerization technologies such as Kubernetes. Successful exploitation results in a container escape to the underlying host OS, potentially allowing an attacker to execute malicious code on the host or access sensitive files. The vulnerability stems from a flaw in the order of operations when runc applies the WORKDIR directive defined in the Dockerfile. runc has mitigated the issue by verifying that the directory specified in the WORKDIR directive is present in the container root filesystem and by implementing additional hardening steps. Snyk recommends taking immediate action: update to runc 1.1.12 or later and follow vendor advisories to mitigate this vulnerability. Organizations can use Snyk's runtime detection and static analysis tools to evaluate their risk or exposure, although these tools cannot prevent exploitation.