Filtered by vendor Katacontainers
Subscribe
Search
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-2023 | 1 Katacontainers | 1 Runtime | 2021-10-19 | 4.6 MEDIUM | 6.3 MEDIUM |
| Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; and Kata Containers 1.9 and earlier versions. | |||||
| CVE-2020-2024 | 1 Katacontainers | 1 Runtime | 2020-05-21 | 2.1 LOW | 6.5 MEDIUM |
| An improper link resolution vulnerability affects Kata Containers versions prior to 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS. | |||||