Vulnerabilities > Libpod Project

DATE CVE VULNERABILITY TITLE RISK
2020-02-11 CVE-2020-1726 Files or Directories Accessible to External Parties vulnerability in multiple products
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only.
network
high complexity
libpod-project redhat CWE-552
5.9
2019-11-25 CVE-2019-10214 Insufficiently Protected Credentials vulnerability in multiple products
The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service.
5.9
2019-10-28 CVE-2019-18466 Link Following vulnerability in Libpod Project Libpod
An issue was discovered in Podman in libpod before 1.6.0.
local
low complexity
libpod-project CWE-59
5.5
2019-07-30 CVE-2019-10152 Link Following vulnerability in multiple products
A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers.
local
high complexity
libpod-project opensuse CWE-59
7.2
2018-07-03 CVE-2018-10856 Incorrect Permission Assignment for Critical Resource vulnerability in Libpod Project Libpod
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user.
network
low complexity
libpod-project CWE-732
8.8