A flaw was found in cri-o. A malicious container can create a symbolic link to arbitrary files on the host via directory traversal

A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially craft

The version of cri-o as released for Red Hat OpenShift Container Platform 4.9.48, 4.10.31, and 4.11.6 via RHBA-2022:6316, RHBA-202

Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or pos

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API.

A flaw was found in cri-o, where containers were incorrectly started with non-empty default permissions. A vulnerability was found

A flaw was found in CRI-O in the way it set kernel options for a pod. This issue allows anyone with rights to deploy a pod on a Ku

An incorrect sysctls validation vulnerability was found in CRI-O 1.18 and earlier. The sysctls from the list of "safe" sysctls spe

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in con

Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambi