Go modules package
github.com/kata-containers/runtime
pkg:golang/github.com/kata-containers/runtime
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2023 | — | < 1.9.1 | 1.9.1 | Jun 10, 2020 | Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Co | ||
| CVE-2020-2026 | — | < 1.9.1 | 1.9.1 | Jun 10, 2020 | A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This |
- CVE-2020-2023Jun 10, 2020affected < 1.9.1fixed 1.9.1
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11.1; Kata Co
- CVE-2020-2026Jun 10, 2020affected < 1.9.1fixed 1.9.1
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This