RHCOS 4 : OpenShift Container Platform 4.11.34 (RHSA-2023:1503)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1503 advisory. - cri-o: /etc/passwd tampering privesc CVE-2022-4318 Note that Nessus has not tested for this issue but has instead relied only on the...

RHCOS 4 : OpenShift Container Platform 4.12.6 (RHSA-2023:1033)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1033 advisory. - cri-o: /etc/passwd tampering privesc CVE-2022-4318 Note that Nessus has not tested for this issue but has instead relied only on the...

CVE-2022-4318

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...

CVE-2022-4318

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable...

CVE-2022-4318

CVE-2022-4318 is confirmed in multiple records as a vulnerability in cri-o that enables tampering of /etc/passwd via a specially crafted environment variable, effectively a privilege escalation path. Affected scope includes cri-o deployments used by Red Hat OpenShift platforms (OpenShift 4.x line...