VYPR

guest-oslogin

by Google Cloud Platform

CVEs (1)

  • CVE-2020-8933HigJun 22, 2020
    risk 0.00cvss 7.8epss 0.00

    A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and…