CVE-2020-28914 – An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When u …

17 November 2020

Vuln ID: CVE-2020-28914

Published: 2020-11-17 22:15:12Z

Description: An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.

Source: NVD.NIST.GOV

Date:

17 November 2020

Categorie(s):

NVD

Tag(s):

NVD

AT&T, Verizon, Sprint, T-Mobile US fined $200M for selling off people’s location info29 April 2024
Board’s Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue – BSW #34829 April 2024
Meet Silver SAML: Golden SAML in the Cloud – Eric Woodruff – BSW #34829 April 2024
F5 shares fall over 9% on disappointing third quarter guidance29 April 2024
Google blocked 2.3M apps from Play Store last year for breaking the G law29 April 2024