EPSS
Percentile
58.7%
It was found that volume security can be sidestepped with innocent emptyDir and subpath. This could give an attacker with access to a pod full control over the node host by gaining access to docker socket.
bugzilla.redhat.com/show_bug.cgi?id=1525130
github.com/kubernetes/kubernetes/issues/60813