Vulnerabilities > Libpod Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-11 | CVE-2020-1726 | Files or Directories Accessible to External Parties vulnerability in multiple products A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. | 5.9 |
| 2019-11-25 | CVE-2019-10214 | Insufficiently Protected Credentials vulnerability in multiple products The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. | 4.3 |
| 2019-10-28 | CVE-2019-18466 | Link Following vulnerability in Libpod Project Libpod An issue was discovered in Podman in libpod before 1.6.0. | 5.8 |
| 2019-07-30 | CVE-2019-10152 | Path Traversal vulnerability in Libpod Project Libpod A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. | 2.6 |
| 2018-07-03 | CVE-2018-10856 | Incorrect Permission Assignment for Critical Resource vulnerability in Libpod Project Libpod It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. | 6.5 |