Skip to content

Latest commit

 

History

History
36 lines (25 loc) · 2.32 KB

KCSA.md

File metadata and controls

36 lines (25 loc) · 2.32 KB

Kata Containers Security Advisories

KCSA summary

This table lists all previously published Kata Containers Security Advisories (KCSA's), newest first:

Date KCSA Affected Versions Description
2020-12-03 KCSA-CVE-2020-27151 < 1.11.5 Executing host binaries using annotations
2020-11-17 KCSA-CVE-2020-28914 < 1.11.5 Improper file permissions for read-only volumes
2020-06-12 KCSA-CVE-2020-2026 < 1.10.5, < 1.11.1 Improper link resolution before file access
2020-06-12 KCSA-CVE-2020-2023 < 1.11.1 Execution with unnecessary privileges
2020-05-28 KCSA-CVE-2020-2025 < 1.11.0 Cloud Hypervisor guest image persists vulnerability
2020-05-28 KCSA-CVE-2020-2024 < 1.11.0 Improper link resolution vulnerability
2019-02-22 KCSA-CVE-2019-5736 not applicable runc container breakout

Determine Kata Containers version

To determine which version of Kata Containers you are running, see the upgrading document.

Upgrade

If you are running a version of Kata Containers affected by one or more KCSA's, you are strongly encouraged to upgrade as soon as possible: