CRLF Injection

Overview Affected versions of this package are vulnerable to CRLF Injection via improper validation of environment variable values in the container configuration process. An attacker can execute arbitrary commands as root on the host by injecting newlines into environment variables, which results...

malicious container creates symlink "mtab" on the host External

Impact A malicious container can affect the host by taking advantage of code cri-o added to show the container mounts on the host. A workload built from this Dockerfile: FROM docker.io/library/busybox as source RUN mkdir /extra && cd /extra && ln -s ../../../../../../../../root etc FROM scratch...