logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-10696

Description

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.


Affected Software


CPE Name Name Version
buildah_project:buildah buildah project buildah 1.14.5
redhat:openshift_container_platform redhat openshift container platform 3.11
redhat:enterprise_linux redhat enterprise linux 7.0
redhat:enterprise_linux redhat enterprise linux 8.0

Related