CVE-2022-23648

Severity: Unknown
Remote: Unknown
Type: Information disclosure
Containers launched through containerd’s CRI implementation with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd’s CRI implementation.
Group     Package     Affected  Fixed    Severity  Status   Ticket
AVG-2725  containerd  1.6.0-2   1.6.1-1  Unknown   Unknown
Workarounds: Ensure that only trusted images are used.