2 matches found
podman: Podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
[ASA-202101-18] opensmtpd: multiple issues
Arch Linux Security Advisory ASA-202101-18 ========================================== Severity: High Date : 2021-01-12 CVE-ID : CVE-2020-35679 CVE-2020-35680 Package : opensmtpd Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-1381 Summary ======= The package opensmtp...