CVE-2021-4024
- EPSS 0.1%
- Veröffentlicht 23.12.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 06:36:44
A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses o...
- EPSS 0.09%
- Veröffentlicht 11.02.2021 18:15:16
- Zuletzt bearbeitet 21.11.2024 05:46:05
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container,...
CVE-2021-20199
- EPSS 0.45%
- Veröffentlicht 02.02.2021 19:15:14
- Zuletzt bearbeitet 21.11.2024 05:46:07
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentica...
CVE-2020-14370
- EPSS 0.15%
- Veröffentlicht 23.09.2020 13:15:15
- Zuletzt bearbeitet 21.11.2024 05:03:06
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variable...