CVE-2020-2023 (GCVE-0-2020-2023)

Vulnerability from cvelistv5 – Published: 2020-06-10 17:30 – Updated: 2024-09-17 01:15
VLAI?
Title
Kata Containers - Containers have access to the guest root filesystem device
Summary
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.
Severity ?
3.8 (Low)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Assigner
References
Impacted products
Vendor Product Version
Kata Containers Kata Containers Affected: 1.11 , < 1.11.1 (custom)
Affected: 1.10 , < 1.10.5 (custom)
Affected: 1 , ≤ 1.9 (custom)
Create a notification for this product.
Credits
Yuval Avrahami, Palo Alto Networks
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T06:54:00.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/runtime/pull/2487"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/runtime/pull/2477"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/runtime/issues/2488"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/agent/issues/791"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/agent/pull/792"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kata Containers",
          "vendor": "Kata Containers",
          "versions": [
            {
              "lessThan": "1.11.1",
              "status": "affected",
              "version": "1.11",
              "versionType": "custom"
            },
            {
              "lessThan": "1.10.5",
              "status": "affected",
              "version": "1.10",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "1.9",
              "status": "affected",
              "version": "1",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration. Doesn\u0027t affect initrd (initramfs) based guests. Requires the container to have CAP_SYS_MKNOD, the default in Docker and Kubernetes with containerd, but not in Kubernetes with CRI-O."
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Yuval Avrahami, Palo Alto Networks"
        }
      ],
      "datePublic": "2020-06-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250 Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-06-10T17:30:12.000Z",
        "orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
        "shortName": "palo_alto"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/runtime/pull/2487"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/runtime/pull/2477"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/runtime/issues/2488"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/agent/issues/791"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/agent/pull/792"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Kata Containers - Containers have access to the guest root filesystem device",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@paloaltonetworks.com",
          "DATE_PUBLIC": "2020-06-10T16:00:00.000Z",
          "ID": "CVE-2020-2023",
          "STATE": "PUBLIC",
          "TITLE": "Kata Containers - Containers have access to the guest root filesystem device"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kata Containers",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "1.11",
                            "version_value": "1.11.1"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_name": "1.10",
                            "version_value": "1.10.5"
                          },
                          {
                            "version_affected": "\u003c=",
                            "version_name": "1",
                            "version_value": "1.9"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Kata Containers"
              }
            ]
          }
        },
        "configuration": [
          {
            "lang": "en",
            "value": "Affects QEMU and Cloud Hypervisor guests on the default configuration. Doesn\u0027t affect initrd (initramfs) based guests. Requires the container to have CAP_SYS_MKNOD, the default in Docker and Kubernetes with containerd, but not in Kubernetes with CRI-O."
          }
        ],
        "credit": [
          {
            "lang": "eng",
            "value": "Yuval Avrahami, Palo Alto Networks"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250 Execution with Unnecessary Privileges"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/kata-containers/runtime/pull/2487",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/runtime/pull/2487"
            },
            {
              "name": "https://github.com/kata-containers/runtime/pull/2477",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/runtime/pull/2477"
            },
            {
              "name": "https://github.com/kata-containers/runtime/issues/2488",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/runtime/issues/2488"
            },
            {
              "name": "https://github.com/kata-containers/agent/issues/791",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/agent/issues/791"
            },
            {
              "name": "https://github.com/kata-containers/agent/pull/792",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/agent/pull/792"
            },
            {
              "name": "https://github.com/kata-containers/runtime/releases/tag/1.11.1",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.11.1"
            },
            {
              "name": "https://github.com/kata-containers/runtime/releases/tag/1.10.5",
              "refsource": "MISC",
              "url": "https://github.com/kata-containers/runtime/releases/tag/1.10.5"
            }
          ]
        },
        "source": {
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
    "assignerShortName": "palo_alto",
    "cveId": "CVE-2020-2023",
    "datePublished": "2020-06-10T17:30:12.051Z",
    "dateReserved": "2019-12-04T00:00:00.000Z",
    "dateUpdated": "2024-09-17T01:15:36.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"1.9\", \"matchCriteriaId\": \"0AB886E3-03F3-43FA-AE4F-092FA6246A31\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.10\", \"versionEndExcluding\": \"1.10.5\", \"matchCriteriaId\": \"FD1E8DE9-C5B6-4DA0-A5B2-A6C3B38DD2B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.11\", \"versionEndExcluding\": \"1.11.1\", \"matchCriteriaId\": \"1358CC70-876F-4CA6-AC86-551883794212\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.\"}, {\"lang\": \"es\", \"value\": \"Kata Containers no restringe el acceso de los contenedores al dispositivo del sistema de archivos root del invitado. Los contenedores maliciosos pueden explotar esto para obtener la ejecuci\\u00f3n del c\\u00f3digo en el invitado y hacerse pasar por el agente de kata. Este problema afecta a: Kata Containers versiones 1.11 anteriores a 1.11.1; Kata Containers  versiones 1.10 anteriores a 1.10.5; y Kata Containers  versiones 1.9 y anteriores\"}]",
      "id": "CVE-2020-2023",
      "lastModified": "2024-11-21T05:24:28.640",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N\", \"baseScore\": 3.8, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 1.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 3.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2020-06-10T18:15:11.280",
      "references": "[{\"url\": \"https://github.com/kata-containers/agent/issues/791\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/agent/pull/792\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/kata-containers/runtime/issues/2488\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/pull/2477\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/pull/2487\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/releases/tag/1.10.5\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/releases/tag/1.11.1\", \"source\": \"psirt@paloaltonetworks.com\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/agent/issues/791\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/agent/pull/792\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/kata-containers/runtime/issues/2488\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/pull/2477\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/pull/2487\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/releases/tag/1.10.5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/kata-containers/runtime/releases/tag/1.11.1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "psirt@paloaltonetworks.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"psirt@paloaltonetworks.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-250\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-2023\",\"sourceIdentifier\":\"psirt@paloaltonetworks.com\",\"published\":\"2020-06-10T18:15:11.280\",\"lastModified\":\"2024-11-21T05:24:28.640\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Kata Containers doesn\u0027t restrict containers from accessing the guest\u0027s root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions.\"},{\"lang\":\"es\",\"value\":\"Kata Containers no restringe el acceso de los contenedores al dispositivo del sistema de archivos root del invitado. Los contenedores maliciosos pueden explotar esto para obtener la ejecuci\u00f3n del c\u00f3digo en el invitado y hacerse pasar por el agente de kata. Este problema afecta a: Kata Containers versiones 1.11 anteriores a 1.11.1; Kata Containers  versiones 1.10 anteriores a 1.10.5; y Kata Containers  versiones 1.9 y anteriores\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N\",\"baseScore\":3.8,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.0,\"impactScore\":1.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.0,\"impactScore\":3.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"psirt@paloaltonetworks.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-250\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.9\",\"matchCriteriaId\":\"0AB886E3-03F3-43FA-AE4F-092FA6246A31\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.10\",\"versionEndExcluding\":\"1.10.5\",\"matchCriteriaId\":\"FD1E8DE9-C5B6-4DA0-A5B2-A6C3B38DD2B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:katacontainers:runtime:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11\",\"versionEndExcluding\":\"1.11.1\",\"matchCriteriaId\":\"1358CC70-876F-4CA6-AC86-551883794212\"}]}]}],\"references\":[{\"url\":\"https://github.com/kata-containers/agent/issues/791\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/agent/pull/792\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kata-containers/runtime/issues/2488\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/pull/2477\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/pull/2487\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/releases/tag/1.10.5\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/releases/tag/1.11.1\",\"source\":\"psirt@paloaltonetworks.com\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/agent/issues/791\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/agent/pull/792\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/kata-containers/runtime/issues/2488\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/pull/2477\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/pull/2487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/releases/tag/1.10.5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/kata-containers/runtime/releases/tag/1.11.1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.