Improper Input Validation

CVE-2023-0229

Severity Medium
Score 6.3/10

Summary

A flaw in github.com/openshift/apiserver-library-go versions prior to 0.0.0-20230120221150-cefee9e0162b, used in OpenShift, allows low-privileged users to set the seccomp profile for pods they control to "unconfined". By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default", so the flaw lets users disable seccomp for pods they can create and modify.
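An added example, not part of the advisory or the project's code: a Go audit helper that lists where a Pod manifest sets seccomp to unconfined, checking both the `securityContext.seccompProfile` field and the legacy Kubernetes seccomp annotations. The function name, type names and sample manifest are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Only the parts of a Pod manifest where a seccomp profile can be set.
type secCtx struct{ SeccompProfile *struct{ Type string } }
type container struct {
	Name            string
	SecurityContext *secCtx
}
type pod struct {
	Metadata struct{ Annotations map[string]string }
	Spec     struct {
		SecurityContext            *secCtx
		Containers, InitContainers []container
	}
}

// Constructed sample: pod-level field is RuntimeDefault, but one container is
// unconfined through the legacy annotation and another through its own field.
const samplePod = `{"metadata":{"name":"demo","annotations":{
 "container.seccomp.security.alpha.kubernetes.io/app":"unconfined"}},
 "spec":{"securityContext":{"seccompProfile":{"type":"RuntimeDefault"}},"containers":[
 {"name":"app"},{"name":"sidecar","securityContext":{"seccompProfile":{"type":"Unconfined"}}}]}}`

// UnconfinedFindings lists every location in a Pod manifest (JSON) that disables seccomp.
func UnconfinedFindings(manifest []byte) ([]string, error) {
	var p pod
	if err := json.Unmarshal(manifest, &p); err != nil {
		return nil, err
	}
	var out []string
	check := func(where string, sc *secCtx, annKey string) {
		if sc != nil && sc.SeccompProfile != nil && sc.SeccompProfile.Type == "Unconfined" {
			out = append(out, where+": securityContext")
		}
		if p.Metadata.Annotations[annKey] == "unconfined" { // legacy alpha annotation
			out = append(out, where+": annotation")
		}
	}
	check("pod", p.Spec.SecurityContext, "seccomp.security.alpha.kubernetes.io/pod")
	for _, c := range append(p.Spec.InitContainers, p.Spec.Containers...) {
		check("container "+c.Name, c.SecurityContext, "container.seccomp.security.alpha.kubernetes.io/"+c.Name)
	}
	return out, nil
}

func main() { fmt.Println(UnconfinedFindings([]byte(samplePod))) }
```

Feeding it the JSON of pods admitted under restricted-v2 shows which workloads are running without the runtime/default profile.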

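  • Attack Complexity: LOW
  • Attack Vector: NETWORK
  • Privileges Required: LOW
  • Scope: UNCHANGED
  • User Interaction: NONE
  • Confidentiality: LOW
  • Integrity: LOW
  • Availability: LOW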

CWE-20 - Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Advisory Timeline

  • Published