Buildah
CVE-2024-9675
MEDIUM
Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Lifecycle Timeline
2DescriptionNVD
Alpine Linux: buildah fixed in 1.37.5-r0
Analysis
Alpine Linux: buildah fixed in 1.37.5-r0
A path traversal flaw was found in Buildah in versions before 1.14.5. Rated high severity (CVSS 8.8), this vulnerability
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive informatio
A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. Rated medium s
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today