github.com/kata-containers/runtime (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/kata-containers/runtime, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-2026 — CVSS 7.8 (high): A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick…
CVE-2020-2023 — CVSS 3.8 (low): Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to…