The vulnerability of the CRI-O Container Engine’s application programming interface allows a malicious actor to read and write arbitrary files on the host system.
The vulnerability of the CRI-O Container Engine’s application programming interface relates to the creation of a symbolic link that points to any directory or file on the host system, through traversing directories. Exploiting this vulnerability allows an attacker to read and write arbitrary file...