8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.9%
A vulnerability in Podman software is related to a type mixing error. Exploitation of the vulnerability
could allow an attacker acting remotely to send specially crafted data to the application,
cause a type-mixing error, and reinterpret the resulting content differently.
The Podman software vulnerability involves a race condition where an attacker can
replace a regular file in a volume with a symbolic link when exporting the volume. Exploitation of the vulnerability could
allow an attacker acting remotely to access arbitrary files in the file system of a
of the host.
The vulnerability in the Podman software is related to redundant data output by the application in the function
“podman machine.” Exploitation of the vulnerability could allow an attacker acting remotely to gain
unauthorized access to sensitive information on the system.
A vulnerability in the Podman software is associated with a redundant set of inherited capabilities.
Exploitation of the vulnerability could allow an attacker acting remotely to bypass security restrictions and privilege escalation.
security restrictions and privilege escalation.
The vulnerability in the Podman software is due to improper privilege management when running the
podman top in a container created from a malicious image and using the namespace of the
user namespace. Exploitation of the vulnerability could allow an attacker acting remotely to cause a
disclosure of information or denial of service.
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
68.9%