Tag
cri-o
Safeguard articles tagged "cri-o" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
CRI-O 'cr8escape' Sysctl Injection Container Escape (CVE-...
CVE-2022-0811 (cr8escape) is a CRI-O flaw where an unvalidated sysctl injection let attackers escape containers and gain root on Kubernetes hosts.
Nov 21, 20257 min read
Cloud Security
Container runtime security (containerd/CRI-O) vulnerability roundup
Container runtime CVEs like the runc Leaky Vessels flaw and CRI-O's cr8escape show how containerd and CRI-O bugs turn into full host takeovers.
Nov 2, 20257 min read
Container Security
CRI-O vs containerd: Security Comparison
Both are CNCF graduated runtimes. Both run production clusters. Their security properties diverge in ways that matter for hardened environments.
Aug 22, 20246 min read