Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
katacontainers kata-containers vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2020-27151
An issue exists in Kata Containers up to and including 1.11.3 and 2.x up to and including 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute...
Katacontainers Kata Containers
Katacontainers Kata Containers 2.0.0
320
VMScore
CVE-2020-28914
An improper file permissions vulnerability affects Kata Containers before 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable in...
Katacontainers Kata-containers
409
VMScore
CVE-2020-2023
Kata Containers doesn't restrict containers from accessing the guest's root filesystem device. Malicious containers can exploit this to gain code execution on the guest and masquerade as the kata-agent. This issue affects Kata Containers 1.11 versions earlier than 1.11....
Katacontainers Runtime
1 Github repository
409
VMScore
CVE-2020-2025
Kata Containers prior to 1.11.0 on Cloud Hypervisor persists guest filesystem changes to the underlying image file on the host. A malicious guest can overwrite the image file to gain control of all subsequent guest VMs. Since Kata Containers uses the same VM image file with all V...
Katacontainers Runtime
409
VMScore
CVE-2020-2026
A malicious guest compromised before a container creation (e.g. a malicious guest image or a guest running multiple containers) can trick the kata runtime into mounting the untrusted container filesystem on any host path, potentially allowing for code execution on the host. This ...
Katacontainers Runtime
Fedoraproject Fedora 31
187
VMScore
CVE-2020-2024
An improper link resolution vulnerability affects Kata Containers versions before 1.11.0. Upon container teardown, a malicious guest can trick the kata-runtime into unmounting any mount point on the host and all mount points underneath it, potentiality resulting in a host DoS.
Katacontainers Runtime
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started