CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS
Percentile
23.6%
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
The following packages have been upgraded to a later upstream version: podman (1.4.4). (BZ#1717919)
Security Fix(es):
podman cp
on running containers (CVE-2019-10152)For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Error: pod was given but no pod is specified: invalid argument (BZ#1727873)
Podman stats failed with Error: unable to obtain cgroup stats (BZ#1728242)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 7 | s390x | podman | < 1.4.4-2.el7 | podman-1.4.4-2.el7.s390x.rpm |
RedHat | 7 | x86_64 | podman-debuginfo | < 1.4.4-2.el7 | podman-debuginfo-1.4.4-2.el7.x86_64.rpm |
RedHat | 7 | aarch64 | podman-debuginfo | < 1.4.4-2.el7 | podman-debuginfo-1.4.4-2.el7.aarch64.rpm |
RedHat | 7 | aarch64 | podman | < 1.4.4-2.el7 | podman-1.4.4-2.el7.aarch64.rpm |
RedHat | 7 | noarch | podman-docker | < 1.4.4-2.el7 | podman-docker-1.4.4-2.el7.noarch.rpm |
RedHat | 7 | ppc64le | podman-debuginfo | < 1.4.4-2.el7 | podman-debuginfo-1.4.4-2.el7.ppc64le.rpm |
RedHat | 7 | s390x | podman-debuginfo | < 1.4.4-2.el7 | podman-debuginfo-1.4.4-2.el7.s390x.rpm |
RedHat | 7 | x86_64 | podman | < 1.4.4-2.el7 | podman-1.4.4-2.el7.x86_64.rpm |
RedHat | 7 | ppc64le | podman | < 1.4.4-2.el7 | podman-1.4.4-2.el7.ppc64le.rpm |
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:P/A:N
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N
EPSS
Percentile
23.6%