Описание
A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Issue Tracking
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Issue Tracking
- Vendor Advisory
Уязвимые конфигурации
Одно из
Одновременно
Одно из
Одно из
EPSS
8.1 High
CVSS3
Дефекты
Связанные уязвимости
A flaw was found in cri-o. A malicious container can create a symbolic link pointing to an arbitrary directory or file on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal (“../“). This flaw allows the container to read and write to arbitrary files on the host system.
A flaw was found in cri-o. A malicious container can create a symbolic ...
malicious container creates symlink "mtab" on the host External
EPSS
8.1 High
CVSS3