Published: 25/09/2023 Updated: 07/11/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kubernetes cri-o -
redhat openshift_container_platform_for_arm64 4.12
redhat openshift_container_platform_for_linuxone 4.12
redhat openshift_container_platform_for_power 4.12
redhat openshift_container_platform_ibm_z_systems 4.12
fedoraproject extra packages for enterprise linux 8.0
fedoraproject fedora 36
fedoraproject fedora 37
redhat openshift_container_platform_for_arm64 4.11
redhat openshift_container_platform_for_linuxone 4.11
redhat openshift_container_platform_for_power 4.11
redhat openshift_container_platform_ibm_z_systems 4.11

Synopsis Moderate: OpenShift Container Platform 41134 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 41134 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift C ...

Synopsis Moderate: OpenShift Container Platform 4126 packages and security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 4126 is now available with updates to packa ...

Synopsis Moderate: OpenShift Container Platform 41134 packages and security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic Red Hat OpenShift Container Platform release 41134 is now available with updates to pac ...

Description This CVE is under investigation by Red Hat Product Security ...

CWE-913 https://bugzilla.redhat.com/show_bug.cgi?id=2152703 https://access.redhat.com/errata/RHSA-2023:1033 https://access.redhat.com/errata/RHSA-2023:1503 https://access.redhat.com/security/cve/CVE-2022-4318 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2023:1504 https://access.redhat.com/security/cve/cve-2022-4318

CVE-2022-4318

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect