Upstream information
Description
A flaw was found in cri-o, where an arbitrary systemd property can be injected via a Pod annotation. Any user who can create a pod with an arbitrary annotation may perform an arbitrary action on the host system.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
SUSE Bugzilla entry: 1223339 [NEW] No SUSE Security Announcements cross referenced.SUSE Timeline for this CVE
CVE page created: Tue Apr 23 14:00:26 2024CVE page last modified: Fri Apr 26 11:45:42 2024