Skip to main content

Apptainer CVE-2026-48785

MEDIUM
Path Traversal (CWE-22)
2026-06-26 https://github.com/apptainer/apptainer GHSA-cr2j-534f-mf3g
4.8
CVSS 3.1 · GitHub Advisory
Share

Severity by source

GitHub Advisory PRIMARY
4.8 MEDIUM
AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
vuln.today AI
5.3 MEDIUM

Local low-privilege access suffices to exploit the prefix-match bypass; the attacker initiates the container run themselves, requiring no separate user interaction.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative

Primary rating from GitHub Advisory.

CVSS VectorGitHub Advisory

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 26, 2026 - 19:52 vuln.today
Analysis Generated
Jun 26, 2026 - 19:52 vuln.today

DescriptionGitHub Advisory

Impact

The limit container paths directive in apptainer.conf is intended to allow a system administrator limit the paths from which containers can be run, under setuid mode. Due to incorrect matching of a path string, sibling directories with similar names may incorrectly be allowed.

For example, the configuration:

limit container paths = /data/safe

Will also allow containers in /data/safe-but-unsafe to be run.

Patches

The issue is patched in apptainer version 1.5.1.

Workarounds

If developers do not use setuid mode or do not use the limit container paths functionality, then this issue does not affect their installation. Note that, as documented [1], if user namespaces are allowed for unrestricted use then this functionality does not stop users from running any container of their choice.

If developers do use the limit container paths functionality they are advised to update.

Credit

This vulnerability was discovered and disclosed to the Apptainer project by Dave Trudgian of Sylabs.

Resources

[1] https://apptainer.org/docs/admin/latest/configfiles.html#limiting-container-execution

AnalysisAI

Apptainer's limit container paths security directive in setuid mode fails to enforce path boundaries correctly because it uses string prefix matching rather than full path-component comparison, allowing local users to run containers from sibling directories whose names begin with an allowed path string. A system configured to allow only /data/safe will inadvertently also permit /data/safe-but-unsafe or any other path sharing that prefix. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local account on setuid Apptainer host
Delivery
Enumerate allowed paths in apptainer.conf
Exploit
Create sibling directory extending allowed path prefix
Execution
Place container image in sibling directory
Persist
Invoke Apptainer against sibling path
Impact
Bypass path restriction, execute container

Vulnerability AssessmentAI

Exploitation Exploitation requires all three of the following specific conditions simultaneously: (1) Apptainer must be installed and running in setuid mode - installations using unprivileged user-namespace mode are completely unaffected; (2) the `limit container paths` directive must be explicitly configured in `apptainer.conf` - systems without this directive configured are not affected regardless of setuid status; (3) the attacker must have a local account with at least low-level system privileges (PR:L per CVSS). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The NVD CVSS 3.1 score of 4.8 (Medium) with vector AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L accurately reflects the constrained attack surface: local access, low privileges, and limited CIA impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A local user on an HPC cluster running Apptainer in setuid mode discovers that the sysadmin has configured `limit container paths = /data/approved`. The user creates a directory named `/data/approved-malicious` (which they have write access to or can arrange to be created), places a crafted container image inside it, and invokes Apptainer against that path. …
Remediation The primary remediation is to upgrade Apptainer to version 1.5.1, which corrects the path comparison logic to enforce directory-component boundaries. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise High Performance Computing 15 SP7 SUSE Linux Enterprise Module for HPC 15 SP7 Fixed
SUSE Linux Enterprise Server 15 SP6-LTSS Fixed
openSUSE Leap 16.0 Fixed
openSUSE Tumbleweed Fixed
SUSE Linux Enterprise High Performance Computing 15 SP7 Affected

Share

CVE-2026-48785 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy