| id: GO-2022-0354 |
| modules: |
| - module: github.com/cri-o/cri-o |
| versions: |
| - introduced: 1.19.0 |
| - fixed: 1.19.6 |
| - introduced: 1.20.0 |
| - fixed: 1.20.7 |
| - introduced: 1.21.0 |
| - fixed: 1.21.6 |
| - introduced: 1.22.0 |
| - fixed: 1.22.3 |
| - introduced: 1.23.0 |
| - fixed: 1.23.2 |
| vulnerable_at: 1.23.1 |
| summary: Code Injection in CRI-O in github.com/cri-o/cri-o |
| cves: |
| - CVE-2022-0811 |
| ghsas: |
| - GHSA-6x2m-w449-qwx7 |
| references: |
| - advisory: https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7 |
| - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-0811 |
| - web: https://access.redhat.com/security/cve/CVE-2022-0811 |
| - web: https://bugs.gentoo.org/835336 |
| - web: https://bugzilla.redhat.com/show_bug.cgi?id=2059475 |
| - web: https://www.crowdstrike.com/blog/cr8escape-zero-day-vulnerability-discovered-in-cri-o-container-engine-cve-2022-0811 |
| source: |
| id: GHSA-6x2m-w449-qwx7 |
| created: 2024-08-20T13:52:15.940799-04:00 |
| review_status: UNREVIEWED |
| unexcluded: NOT_IMPORTABLE |
