Cri-o Security Vulnerabilities and Issues — Cri-o CVE List

Lucene search

KubernetesCri-o

3 matches found

CVE•added 2022/06/07 6:15 p.m.•2341 views

CVE-2022-1708

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a man...

7.8CVSS7.3AI score0.00495EPSS

CVE•added 2023/09/25 8:15 p.m.•193 views

CVE-2022-4318

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

7.8CVSS7.4AI score0.00042EPSS

CVE•added 2022/09/19 8:15 p.m.•140 views

CVE-2022-2995

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a...

7.1CVSS7.1AI score0.00028EPSS