| |
Vulnerability CVE-2023-0229
Published: 2023-01-26
| Description: |
A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default," allowing users to disable seccomp for pods they can create and modify. |
Type:
CWE-20 (Improper Input Validation)
References: |
https://bugzilla.redhat.com/show_bug.cgi?id=2160349
|
|
|
closedb();
?>
Copyright 2026, cxsecurity.com
|
|
|