3 matches found
OESA-2025-2752 containerd security update
containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...
containerd affected by a local privilege escalation via wide permissions on CRI directory
Impact An overly broad default permission vulnerability was found in containerd. - /var/lib/containerd was created with the permission bits 0o711, while it should be created with 0o700 - Allowed local users on the host to potentially access the metadata store and the content store -...
CVE-2025-9566
Vulnerability (CVE-2025-9566) affects the podman component. The issue arises when using the kube play command with a volume mount from a Secrete or a ConfigMap whose volume contains a symbolic link to a host file path; an attacker can cause the host file to be overwritten. The attack is limited t...