In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers. CREATE(Triage):(User=admin) CVE-2017-18641 (https://nvd.nist.gov/vuln/detail/CVE-2017-18641)