Описание
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a RUN instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.39.3+ds1-1syncable1 |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | needs-triage | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | needs-triage | |
| noble | needs-triage | |
| oracular | ignored | end of life, was needs-triage |
| plucky | not-affected | 1.39.3+ds1-1syncable1 |
| upstream | released | 1.37.4+ds1-1 |
Показывать по
7.8 High
CVSS3
Связанные уязвимости
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
A vulnerability was found in Buildah. Cache mounts do not properly val ...
7.8 High
CVSS3