Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-25067

Опубликовано: 09 июн. 2019
Источник: redhat
CVSS3: 8.1

Описание

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7podmanFix deferred
Red Hat Enterprise Linux 8container-tools:2.0/podmanOut of support scope
Red Hat Enterprise Linux 8container-tools:3.0/podmanNot affected
Red Hat Enterprise Linux 8container-tools:4.0/podmanNot affected
Red Hat Enterprise Linux 8container-tools:rhel8/podmanNot affected
Red Hat Enterprise Linux 9podmanNot affected
Red Hat OpenShift Container Platform 3.11podmanNot affected
Red Hat OpenShift Container Platform 4podmanAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-305
https://bugzilla.redhat.com/show_bug.cgi?id=2097406podman: Privilege escalation in API component

8.1 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2019-25067

CVSS3: 6.3
ubuntu
больше 3 лет назад

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

nvd логотип

CVE-2019-25067

CVSS3: 6.3
nvd
больше 3 лет назад

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

debian логотип

CVE-2019-25067

CVSS3: 6.3
debian
больше 3 лет назад

A vulnerability, which was classified as critical, was found in Podman ...

github логотип

GHSA-vjwp-mggj-92gq

CVSS3: 8.8
github
больше 3 лет назад

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

8.1 High

CVSS3