Lucene search
K

8 matches found

RedHat Linux
RedHat Linux
added 5 days ago4 views

Kubelet: CRI-O: kube-apiserver: Kubelet, CRI-O, kube-apiserver: Denial of Service via SPDY streaming code

A flaw was found in the SPDY streaming code used by Kubelet, CRI-O, and kube-apiserver. An attacker with specific cluster roles, such as those allowing access to pod port forwarding, execution, or attachment, or node proxying, could exploit this vulnerability. This could lead to a Denial of Servi...

8.7CVSS6AI score0.00656EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2025/09/04 4:19 a.m.3 views

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deployed.

...

9CVSS7AI score0.18561EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:34 a.m.3 views

SUSE CVE-2022-0811

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deploy...

9CVSS7.5AI score0.18561EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/25 12:0 a.m.59 views

CRI-O 安全漏洞

CRI-O is a lightweight container runtime environment for the Kubernetes system. CRI-O suffers from a security vulnerability that stems from the fact that if an attacker has direct access to an affected container where a supplemental group is used to set access permissions and is able to execute...

7.1CVSS5.8AI score0.0037EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2022/03/23 9:51 a.m.4 views

CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deploy...

9CVSS6.2AI score0.18561EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/22 5:31 p.m.2 views

CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deploy...

9CVSS6.2AI score0.18561EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2022/03/21 12:13 p.m.9 views

CRI-O: Arbitrary code execution in cri-o via abusing “kernel.core_pattern” kernel parameter

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes cluster that uses the CRI-O runtime to achieve a container escape and arbitrary code execution as root on the cluster node, where the malicious pod was deploy...

9CVSS6.2AI score0.18561EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2019/09/23 8:2 p.m.6 views

openshift-ansible: dockergc service account incorrectly associated with namespace during upgrade

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by...

8.8CVSS5.8AI score0.01053EPSS
Exploits1References4
Rows per page
Query Builder