One Article Review
| Source |  CrowdStrike |
|---|---|
| Identifiant | 4537612 |
| Date de publication | 2022-05-03 08:37:30 (vue: 2022-05-03 13:06:06) |
| Titre | CVE-2022-23648: Kubernetes Container Escape Using Containerd CRI Plugin and Mitigation |
| Texte | CVE-2022-23648, reported by Googleâs Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerdâs CRI plugin that handles OCI image specs containing âVolumes.â The attacker can add Volume containing path traversal to the image and use it to copy arbitrary files from the host […] |
| Notes | |
| Envoyé | Oui |
| Condensat | 2021 2022 23648 23648: add arbitrary attacker can container containerd containerdâs containing copy cri cve escape files found from googleâs handles host image kubernetes lies mitigation november oci path plugin popular project reported runtime specs traversal use using volume vulnerability zero âvolumes â |
| Tags | Vulnerability |
| Stories | Uber |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.