Apptainer CVE-2026-48785
MEDIUMSeverity by source
AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Local low-privilege access suffices to exploit the prefix-match bypass; the attacker initiates the container run themselves, requiring no separate user interaction.
Primary rating from GitHub Advisory.
CVSS VectorGitHub Advisory
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Lifecycle Timeline
2DescriptionGitHub Advisory
Impact
The limit container paths directive in apptainer.conf is intended to allow a system administrator limit the paths from which containers can be run, under setuid mode. Due to incorrect matching of a path string, sibling directories with similar names may incorrectly be allowed.
For example, the configuration:
limit container paths = /data/safeWill also allow containers in /data/safe-but-unsafe to be run.
Patches
The issue is patched in apptainer version 1.5.1.
Workarounds
If developers do not use setuid mode or do not use the limit container paths functionality, then this issue does not affect their installation. Note that, as documented [1], if user namespaces are allowed for unrestricted use then this functionality does not stop users from running any container of their choice.
If developers do use the limit container paths functionality they are advised to update.
Credit
This vulnerability was discovered and disclosed to the Apptainer project by Dave Trudgian of Sylabs.
Resources
[1] https://apptainer.org/docs/admin/latest/configfiles.html#limiting-container-execution
AnalysisAI
Apptainer's limit container paths security directive in setuid mode fails to enforce path boundaries correctly because it uses string prefix matching rather than full path-component comparison, allowing local users to run containers from sibling directories whose names begin with an allowed path string. A system configured to allow only /data/safe will inadvertently also permit /data/safe-but-unsafe or any other path sharing that prefix. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires all three of the following specific conditions simultaneously: (1) Apptainer must be installed and running in setuid mode - installations using unprivileged user-namespace mode are completely unaffected; (2) the `limit container paths` directive must be explicitly configured in `apptainer.conf` - systems without this directive configured are not affected regardless of setuid status; (3) the attacker must have a local account with at least low-level system privileges (PR:L per CVSS). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS 3.1 score of 4.8 (Medium) with vector AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L accurately reflects the constrained attack surface: local access, low privileges, and limited CIA impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local user on an HPC cluster running Apptainer in setuid mode discovers that the sysadmin has configured `limit container paths = /data/approved`. The user creates a directory named `/data/approved-malicious` (which they have write access to or can arrange to be created), places a crafted container image inside it, and invokes Apptainer against that path. … |
| Remediation | The primary remediation is to upgrade Apptainer to version 1.5.1, which corrects the path comparison logic to enforce directory-component boundaries. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allVendor StatusVendor
SUSE
Severity: Moderate| Product | Status |
|---|---|
| SUSE Linux Enterprise High Performance Computing 15 SP7 SUSE Linux Enterprise Module for HPC 15 SP7 | Fixed |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Fixed |
| openSUSE Leap 16.0 | Fixed |
| openSUSE Tumbleweed | Fixed |
| SUSE Linux Enterprise High Performance Computing 15 SP7 | Affected |
| SUSE Linux Enterprise Module for HPC 15 SP7 | Affected |
| SUSE Linux Enterprise Module for HPC 15 SP6 | Affected |
| SUSE Linux Enterprise Server 15 SP6-LTSS | Affected |
| SUSE Linux Enterprise High Performance Computing 15 SP6 | Affected |
| openSUSE Leap 15.6 | Affected |
Share
External POC / Exploit Code
Leaving vuln.today
GHSA-cr2j-534f-mf3g