Umoci
1 CVEs
product
Monthly
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Information Disclosure
Umoci
Singularity
NVD
GitHub
CVSS 3.1
5.5
EPSS
0.3%
EPSS 0%
CVSS 5.5
MEDIUM
PATCH
This Month
Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Information Disclosure
Umoci
Singularity
NVD
GitHub