Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-5154

Опубликовано: 12 июн. 2024
Источник: debian
EPSS Низкий

Описание

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
cri-oitppackage

EPSS

Процентиль: 45%
0.00222
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-5154

CVSS3: 8.1
ubuntu
около 1 года назад

A flaw was found in cri-o. A malicious container can create a symbolic link pointing to an arbitrary directory or file on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.

redhat логотип

CVE-2024-5154

CVSS3: 8.1
redhat
около 1 года назад

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.

nvd логотип

CVE-2024-5154

CVSS3: 8.1
nvd
около 1 года назад

A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.

redos логотип

ROS-20240626-16

CVSS3: 8.1
redos
около 1 года назад

Уязвимость cri-o

github логотип

GHSA-j9hf-98c3-wrm8

CVSS3: 8.1
github
около 1 года назад

malicious container creates symlink "mtab" on the host External

EPSS

Процентиль: 45%
0.00222
Низкий