CVE-2025-0750
published 2025-01-28CVE-2025-0750: A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with…
PriorityP432medium6.6CVSS 3.1
AVLACLPRLUINSUCLILAH
EPSS
0.23%
14.1th percentile
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| github.com | cri-o_cri-o | 0 – 1.33.0 | — |
CVSS provenance
nvdv3.16.6MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
vendor_redhat6.6MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
CRI-O Path Traversal vulnerability in github.com/cri-o/cri-o
osv·2025-01-29
CVE-2025-0750 CRI-O Path Traversal vulnerability in github.com/cri-o/cri-o
CRI-O Path Traversal vulnerability in github.com/cri-o/cri-o
CRI-O Path Traversal vulnerability in github.com/cri-o/cri-o
GHSA
CRI-O Path Traversal vulnerability
ghsa·2025-01-28
CVE-2025-0750 [MEDIUM] CWE-22 CRI-O Path Traversal vulnerability
CRI-O Path Traversal vulnerability
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
OSV
CRI-O Path Traversal vulnerability
osv·2025-01-28
CVE-2025-0750 [MEDIUM] CRI-O Path Traversal vulnerability
CRI-O Path Traversal vulnerability
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
Red Hat
cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting
vendor_redhat·2025-01-22·CVSS 6.6
CVE-2025-0750 [MEDIUM] CWE-22 cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting
cri-o: CRI-O Path Traversal in Log Handling Functions Allows Arbitrary Unmounting
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.
Package: rhcos (Red Hat OpenShift Container Platform 4) - Fix deferred
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-01-28
Published