VYPR

Vendor CVEs

Cri O

All CVEs

102 total · sorted by risk
  • CVE-2018-1002101Dec 5, 2018
    risk 0.00cvss epss 0.04

    In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.

  • CVE-2018-1000400HigMay 18, 2018
    risk 0.00cvss 8.8epss 0.02

    Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears…

Page 3 of 3