An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Versions before kubernetes-nmstate-handler-container-v2.3.0-30 are affected.
[
{
"product": "nmstate/kubernetes-nmstate-handler",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "kubernetes-nmstate-handler-container-v2.3.0-30"
}
]
}
]