{"vulnerability": "CVE-2020-28914", "sightings": [{"uuid": "dc19982b-2a33-402e-af6f-135a636baefc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28914", "type": "seen", "source": "https://t.me/cibsecurity/16488", "content": "\u203c CVE-2020-28914 \u203c\n\nAn improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-18T00:39:35.000000Z"}]}