Описание
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
It has been discovered that podman does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | podman | Not affected | ||
| Red Hat Enterprise Linux 7 Extras | podman | Fixed | RHSA-2018:2037 | 26.06.2018 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-250
https://bugzilla.redhat.com/show_bug.cgi?id=1592166podman: Containers run as non-root users do not drop capabilities
EPSS
Процентиль: 44%
0.00216
Низкий
5.3 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.3
nvd
больше 7 лет назад
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
CVSS3: 5.3
debian
больше 7 лет назад
It has been discovered that podman before version 0.6.1 does not drop ...
EPSS
Процентиль: 44%
0.00216
Низкий
5.3 Medium
CVSS3