CVE-2025-58713 Rhpam: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Red Hat Process Automation Manager images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected containe...

CVE-2025-57854 Osus-operator: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain OpenShift Update Service OSUS images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, ev...

CVE-2025-57850 Codeready-ws: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...

CVE-2025-57850 Codeready-ws: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain CodeReady Workspaces images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a...

CVE-2025-57848 Container-native-virtualization: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain Container-native Virtualization images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

CVE-2025-58712 Amq: privilege escalation via excessive /etc/passwd permissions

A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...

CVE-2025-7195 Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

Red Hat File Integrity Operator 安全漏洞

Red Hat File Integrity Operator is a file integrity checking software from Red Hat. A security vulnerability exists in Red Hat File Integrity Operator versions prior to 0.15.2, which stems from a usersetup script that improperly modifies the permissions of the /etc/passwd file, which could result...

CVE-2020-1706

It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to...

Unspecified Vulnerability in Red Hat OpenShift Container Platform

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. The Red Hat OpenShift Container Platform has a security...

Unspecified Vulnerability in Red Hat OpenShift Container Platform (CNVD-2020-03939)

Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat that enable organizations to develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in openshift/mariadb-apb...

Design/Logic Flaw

D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0666 /var/passwd permissions...

PT-2017-13468 · D Link · D-Link Dir-850L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L REV. A versions through FW114WWb07 h2ab beta1 D-Link DIR-850L REV. B versions through FW208WWb02 Description: The issue is related to the permissions of the /var/passwd file, which has 0666 permissions. This could potentially...