VDB
CVE-2022-0811
CVE-2022-0811
PUBLISHED
CVSS 8.800000190734863 HIGH
Code Injection in CRI-O
EPSS 22.77% · 96.0th percentile
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
22.77%
96.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| kubernetes | cri-o | 1.20.0, 1.21.0, 1.22.0 |
| n/a | CRI-O | cri-o 1.24.0, cri-o 1.23.2, cri-o 1.22.3, cri-o 1.21.6, cri-o 1.20.7, cri-o 1.19.6 |
| github.com | cri-o/cri-o | 1.19.0, 1.20.0, 1.22.0 |
Exploit Intelligence
- Simple webhook to block exploitation of CVE-2022-0811 (github-poc)
- Simple webhook to block exploitation of CVE-2022-0811 (github-poc)
- Simple webhook to block exploitation of CVE-2022-0811 (github-poc)
- Simple webhook to block exploitation of CVE-2022-0811 (github-poc)
- Simple webhook to block exploitation of CVE-2022-0811 (github-poc)
- Simple webhook to block exploitation of CVE-2022-0811 (github-poc)
- https://bugzilla.redhat.com/show_bug.cgi?id=2059475 (circl)
- https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7 (circl)
Timeline
- Mar 15, 2022 CVE Published
- Mar 17, 2022 EPSS Score
- Mar 18, 2022 CVE Updated
- Mar 7, 2023 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 20, 2025 EPSS Score
- Mar 27, 2025 EPSS Score
- Mar 29, 2025 EPSS Score
- Mar 30, 2025 EPSS Score
- May 1, 2025 EPSS Score
- May 5, 2025 EPSS Score
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2059475 url
- https://github.com/cri-o/cri-o/security/advisories/GHSA-6x2m-w449-qwx7 url
- https://nvd.nist.gov/vuln/detail/CVE-2022-0811 advisory
- https://access.redhat.com/security/cve/CVE-2022-0811 url
- https://bugs.gentoo.org/835336 url
- https://github.com/cri-o/cri-o package
- https://www.crowdstrike.com/blog/cr8escape-zero-day-vulnerability-discovered-in-cri-o-container-engine-cve-2022-0811 url