Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-05-03 08:37:30 |
CVE-2022-23648: Kubernetes Container Escape Using Containerd CRI Plugin and Mitigation (lien direct) |
CVE-2022-23648, reported by Googleâs Project Zero in November 2021, is a Kubernetes runtime vulnerability found in Containerd, a popular Kubernetes runtime. It lies in Containerdâs CRI plugin that handles OCI image specs containing âVolumes.â The attacker can add Volume containing path traversal to the image and use it to copy arbitrary files from the host […] |
Vulnerability
|
Uber
|
|
|
2022-03-15 12:19:11 |
(Déjà vu) cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) |
CrowdStrike cloud security researchers discovered a new vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] |
Vulnerability
Threat
|
Uber
|
|
|
2022-03-15 12:19:11 |
cr8escape: Zero-day in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) (lien direct) |
CrowdStrike cloud security researchers discovered a zero-day vulnerability (dubbed âcr8escapeâ and tracked as CVE-2022-0811) in the Kubernetes container engine CRI-O. CrowdStrike disclosed the vulnerability to Kubernetes, which worked with CRI-O to issue a patch that was released today. It is recommended that CRI-O users patch immediately. CrowdStrike customers are protected from this threat by the […] |
Vulnerability
Threat
|
Uber
|
|