CVE-2020-2026
CVSS v3.1
8.8 (High)
CVSS v2.0
4.6 (Medium)
EPSS
0.05 % (23th)
Affected Products
2
Advisories
8
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This issue affects: Kata Containers 1.11 versions earlier than 1.11.1; Kata Containers 1.10 versions earlier than 1.10.5; Kata Containers 1.9 and earlier versions.
Weaknesses
- CWE-59
- Improper Link Resolution Before File Access ('Link Following')
- CVE Status
- PUBLISHED
- CNA
- Palo Alto Networks, Inc.
- Published Date
-
2020-06-10 18:15:11
(4 years ago) - Updated Date
-
2023-11-07 03:21:33
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...