Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistRedhatCVELIST:CVE-2021-4024
HistoryDec 23, 2021 - 7:48 p.m.

CVE-2021-4024

2021-12-2319:48:45
CWE-200
redhat
www.cve.org
7
podman
unauthorized access
vm services

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

52.4%

JSON

A flaw was found in podman. The podman machine function (used to create and manage Podman virtual machine containing a Podman process) spawns a gvproxy process on the host system. The gvproxy API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host’s firewall, an attacker can potentially use the gvproxy API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host’s services by forwarding all ports to the VM.

CNA Affected

[
  {
    "product": "podman",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "podman 3.4.3"
      }
    ]
  }
]

Related

redhatcve 1
ubuntucve 1
veracode 1
nvd 1
github 1
cve 1
osv 5
fedora 2
prion 1
debiancve 1
alpinelinux 1
openvas 9
altlinux 1
githubexploit 1
redos 1
nessus 8
suse 1
redhat 1
almalinux 1
oraclelinux 1
gentoo 1
mageia 1
redhatcve
redhatcve
CVE-2021-4024
2021-11-26 14:19:57
ubuntucve
ubuntucve
CVE-2021-4024
2021-12-23 00:00:00
veracode
veracode
Privilege Escalation
2021-12-12 11:04:43
nvd
nvd
CVE-2021-4024
2021-12-23 20:15:12
github
github
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman
2022-01-06 21:12:50
cve
cve
CVE-2021-4024
2021-12-23 20:15:12
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman
2022-01-06 21:12:50
CVE-2021-4024
2021-12-23 20:15:12
Exposure of Sensitive Information to an Unauthorized Actor and Origin Validation Error in podman in github.com/containers/podman
2024-08-21 14:30:26
fedora
fedora
[SECURITY] Fedora 35 Update: podman-3.4.4-1.fc35
2021-12-17 01:12:38
[SECURITY] Fedora 34 Update: podman-3.4.4-1.fc34
2022-02-08 01:08:04
prion
prion
Open redirect
2021-12-23 20:15:00
debiancve
debiancve
CVE-2021-4024
2021-12-23 20:15:12
alpinelinux
alpinelinux
CVE-2021-4024
2021-12-23 20:15:12
openvas
openvas
Fedora: Security Advisory for podman (FEDORA-2021-6bd024d2a7)
2022-02-08 00:00:00
Fedora: Security Advisory for podman (FEDORA-2021-6bc3fe7129)
2021-12-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:23018-1)
2022-03-05 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package podman version 3.4.3-alt1
2021-12-08 00:00:00
githubexploit
githubexploit
Exploit for Origin Validation Error in Podman Project Podman
2022-01-27 16:28:56
redos
redos
ROS-20230710-01
2023-07-10 00:00:00
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : podman (SUSE-SU-2023:0187-1)
2023-01-28 00:00:00
SUSE SLES15 Security Update : podman (SUSE-SU-2023:0326-1)
2023-02-14 00:00:00
SUSE SLED15 / SLES15 Security Update : conmon, libcontainers-common, libseccomp, podman (SUSE-SU-2022:23018-1)
2023-03-10 00:00:00
suse
suse
Security update for conmon, libcontainers-common, libseccomp, podman (moderate)
2022-03-04 00:00:00
redhat
redhat
(RHSA-2022:7954) Moderate: podman security and bug fix update
2022-11-15 06:12:00
almalinux
almalinux
Moderate: podman security and bug fix update
2022-11-15 00:00:00
oraclelinux
oraclelinux
podman security and bug fix update
2022-11-22 00:00:00
gentoo
gentoo
podman: Multiple Vulnerabilities
2024-07-05 00:00:00
mageia
mageia
Updated skopeo/buildah/podman packages fix security vulnerability
2023-07-07 08:54:45

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

52.4%

JSON
Related for CVELIST:CVE-2021-4024
redhatcve1ubuntucve1veracode1nvd1github1cve1osv5fedora2prion1debiancve1alpinelinux1openvas9altlinux1githubexploit1redos1nessus8suse1redhat1almalinux1oraclelinux1gentoo1mageia1