CPE Details
Kata Containers Runtime 1.11.0 Alpha 1
1.11.0
2020-05-20
15h36 +00:00
15h36 +00:00
2020-05-20
15h36 +00:00
15h36 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:katacontainers:runtime:1.11.0:alpha1:*:*:*:*:*:*
Informations
Vendor
katacontainersProduct
runtimeVersion
1.11.0Update
alpha1Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions. | 6.3 |
Moyen |
||
| A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions. | 8.8 |
Haute |
