CVE-2025-0750

MEDIUM Year: 2025
CVSS v3 Score
6.6
Medium
Weakness Type
CWE-22
View all →

Vulnerability Description

A vulnerability was found in CRI-O. A path traversal issue in the log management functions (UnMountPodLogs and LinkContainerLogs) may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system directories.

Related Vulnerabilities

CVE-2018-2380

MEDIUM
CVSS:6.6(Medium)

SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are...

CWE-222018

CVE-2021-1435

MEDIUM
CVSS:6.6(Medium)

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that can be executed as the root user. This vulnerability is due to in...

CWE-222021

CVE-2024-12083

MEDIUM
CVSS:6.6(Medium)

Path Traversal Vulnerabilities (CWE-22) exist in NJ/NX-series Machine Automation Controllers. An attacker may use these vulnerabilities to perform unauthorized access and to execute unauthorized code ...

CWE-222024

CVE-2024-23772

MEDIUM
CVSS:6.6(Medium)

An issue was discovered in Quest KACE Agent for Windows 12.0.38 and 13.1.23.0. An Arbitrary file create vulnerability exists in the KSchedulerSvc.exe, KUserAlert.exe, and Runkbot.exe components. This ...

CWE-222024

CVE-2024-47309

MEDIUM
CVSS:6.6(Medium)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Condless Cities Shipping Zones for WooCommerce allows PHP Local File Inclusion.This issue affects Cities...

CWE-222024

CVE-2025-0694

MEDIUM
CVSS:6.6(Medium)

Insufficient path validation in CODESYS Control allows low privileged attackers with physical access to gain full filesystem access.

CWE-222025