CVE-2020-10696
CVSS v3.1
8.8 (High)
CVSS v2.0
9.3 (High)
EPSS
0.44 % (75th)
Affected Products
3
Advisories
23
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
Weaknesses
- CWE-22
- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CVE Status
- PUBLISHED
- CNA
- Red Hat, Inc.
- Published Date
-
2020-03-31 22:15:14
(4 years ago) - Updated Date
-
2023-11-07 03:14:14
(10 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Configuration #2
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...