Every CVE whose affected-product data names Kubernetes Cri-o, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2022-0811 — CVSS 8.8 (high): A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Kubernetes…
CVE-2018-1000400 — CVSS 8.8 (high): Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambient…
CVE-2024-5154 — CVSS 8.1 (high): A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal…
CVE-2022-4318 — CVSS 7.8 (high): A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted…
CVE-2022-1708 — CVSS 7.5 (high): A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The…
CVE-2022-2995 — CVSS 7.1 (high): Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible…
CVE-2022-27652 — CVSS 5.3 (medium): A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby…
CVE-2019-14891 — CVSS 5.0 (medium): A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container…
CVE-2022-3466 — CVSS 4.8 (medium): The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-2022:6257…
CVE-2022-0532 — CVSS 4.2 (medium): An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls specified…