Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-0778

Опубликовано: 27 мар. 2023
Источник: nvd
CVSS3: 6.8
EPSS Низкий

Описание

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:podman_project:podman:-:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 31%
0.00115
Низкий

6.8 Medium

CVSS3

Дефекты

CWE-367
CWE-367

Связанные уязвимости

ubuntu логотип

CVE-2023-0778

CVSS3: 6.8
ubuntu
около 2 лет назад

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

redhat логотип

CVE-2023-0778

CVSS3: 6.8
redhat
больше 2 лет назад

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

debian логотип

CVE-2023-0778

CVSS3: 6.8
debian
около 2 лет назад

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This is ...

suse-cvrf логотип

SUSE-SU-2023:1814-1

suse-cvrf
около 2 лет назад

Security update for podman

suse-cvrf логотип

SUSE-SU-2023:1812-1

suse-cvrf
около 2 лет назад

Security update for podman

EPSS

Процентиль: 31%
0.00115
Низкий

6.8 Medium

CVSS3

Дефекты

CWE-367
CWE-367