Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute arbitrary binaries as root on the worker nodes.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kata Containers 安全漏洞
Vulnerability Description
Kata Containers是Kata Containers社区的一款开源的轻量级虚拟机构建程序。 Kata Containers 1.11.3版本和2.x版本至2.0-rc1版本存在安全漏洞,该漏洞源于运行时将使用注释执行二进制文件,而不进行任何类型的验证。被授予集群访问权的人将能够让kata-runtime以根用户身份在工作节点上执行任意二进制文件。
CVSS Information
N/A
Vulnerability Type
N/A