{"vulnerability": "CVE-2022-23648", "sightings": [{"uuid": "b2c7ed35-6ef4-4a83-be7b-b118cc734151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23648", "type": "seen", "source": "https://t.me/cibsecurity/38353", "content": "\u203c CVE-2022-23648 \u203c\n\ncontainerd is a container runtime available as a daemon for Linux and Windows. A bug was found in containerd prior to versions 1.6.1, 1.5.10, and 1.14.12 where containers launched through containerd\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2s CRI implementation on Linux with a specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host. This may bypass any policy-based enforcement on container setup (including a Kubernetes Pod Security Policy) and expose potentially sensitive information. Kubernetes and crictl can both be configured to use containerd\u00c3\u00a2\u00e2\u201a\u00ac\u00e2\u201e\u00a2s CRI implementation. This bug has been fixed in containerd 1.6.1, 1.5.10, and 1.4.12. Users should update to these versions to resolve the issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T16:26:05.000000Z"}, {"uuid": "fbb72757-232c-47f1-ac05-629fda375585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23648", "type": "seen", "source": "https://gist.github.com/AyushyaChitransh/3b69f94e19b188ba41ee0c49a282e64c", "content": "", "creation_timestamp": "2025-03-13T20:14:03.000000Z"}, {"uuid": "5d640bb4-5741-4c32-9fad-53b81ff051bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23648", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1719", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-23648\nURL\uff1ahttps://github.com/raesene/CVE-2022-23648-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-25T19:47:54.000000Z"}, {"uuid": "85d3db2d-8e85-438f-b86a-8fdd81f071ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23648", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1829", "content": "#exploit\n1. CVE-2022-23648:\ncontainerd: Insecure handling of image volumes\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2244\n\n2. Exploit tool for CVE-2021-43008\nAdminer 1.0 - 4.6.2 Arbitrary File Read vulnerability\nhttps://github.com/p0dalirius/CVE-2021-43008-AdminerRead\n\n@BlueRedTeam", "creation_timestamp": "2022-03-24T09:55:10.000000Z"}, {"uuid": "d8e4d7ee-94a1-441b-bbb0-c97ba73b1ca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23648", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5664", "content": "#exploit\n1. CVE-2022-23648:\ncontainerd: Insecure handling of image volumes\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2244\n\n2. Exploit tool for CVE-2021-43008\nAdminer 1.0 - 4.6.2 Arbitrary File Read vulnerability\nhttps://github.com/p0dalirius/CVE-2021-43008-AdminerRead", "creation_timestamp": "2024-12-19T15:32:08.000000Z"}]}