CGA-jjp3-5cmx-w4rw

Published

Last updated

https://images.chainguard.dev/security/CGA-jjp3-5cmx-w4rw

Package

kubernetes-csi-driver-hostpath

Latest Update

Fixed

Fixed Version

1.14.0-r3

Aliases

Severity

6.1

Medium

CVSS V3

Summary

Kubernetes sets incorrect permissions on Windows containers logs

Description

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

References

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-jjp3-5cmx-w4rw

Severity

Summary

Description

References

Updates

Product

Why Chainguard

Customers

Company

Resources