Lucene search
Veracode Vulnerability DatabaseVERACODE:22920HistoryApr 02, 2020 - 6:05 a.m.
Directory Traversal
2020-04-0206:05:06
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
0.004 Low
EPSS
Percentile
75.1%
github.com/containers/buildah is vulnerable to directory traversal. The image building process does not properly handle file path as well as symlinks. An attacker is able to exploit the vulnerability to overwrite arbitrary files on the file system and potentially escalation privileges by overwriting files configured with setuid.
Related
nessus
nessus
RHEL 8 : container-tools:rhel8 (RHSA-2020:1932)
2020-04-29 00:00:00
CentOS 8 : container-tools:rhel8 (CESA-2020:1932)
2021-02-01 00:00:00
Rocky Linux 8 : container-tools:2.0 (RLSA-2020:1931)
2023-11-07 00:00:00
almalinux
almalinux
Important: container-tools:1.0 security and bug fix update
2020-04-28 16:06:48
Important: container-tools:2.0 security update
2020-04-28 16:07:22
Important: container-tools:rhel8 security update
2020-04-28 16:07:32
rocky
rocky
container-tools:2.0 security update
2020-04-28 16:07:22
container-tools:rhel8 security update
2020-04-28 16:07:32
container-tools:1.0 security and bug fix update
2020-04-28 16:06:48
redhat
redhat
(RHSA-2020:1932) Important: container-tools:rhel8 security update
2020-04-28 16:07:32
(RHSA-2020:1926) Important: container-tools:1.0 security and bug fix update
2020-04-28 16:06:48
osv
osv
Important: container-tools:rhel8 security update
2020-04-28 16:07:32
Important: container-tools:rhel8 security update
2020-04-28 16:07:32
Important: container-tools:1.0 security and bug fix update
2020-04-28 16:06:48
nvd
nvd
CVE-2020-10696
2020-03-31 22:15:14
cve
cve
CVE-2020-10696
2020-03-31 22:15:14
prion
prion
Path traversal
2020-03-31 22:15:00
debiancve
debiancve
CVE-2020-10696
2020-03-31 22:15:14
alpinelinux
alpinelinux
CVE-2020-10696
2020-03-31 22:15:14
github
github
Path Traversal in Buildah
2021-05-18 18:32:41
cvelist
cvelist
CVE-2020-10696
2020-03-31 21:01:22
oraclelinux
oraclelinux
container-tools:2.0 security update
2020-05-12 00:00:00
container-tools:ol8 security update
2020-05-12 00:00:00
container-tools:2.0 security update
2021-03-05 00:00:00
redhatcve
redhatcve
CVE-2020-10696
2020-04-14 19:28:33
ubuntucve
ubuntucve
CVE-2020-10696
2020-03-31 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2020:3423-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2022:4350-1)
2022-12-08 00:00:00
openSUSE: Security Advisory for buildah, (openSUSE-SU-2021:0310-1)
2021-04-16 00:00:00
suse
suse
Security update for buildah (moderate)
2020-11-29 00:00:00
Security update for buildah, libcontainers-common, podman (moderate)
2021-02-19 00:00:00
Security update for buildah (important)
2022-10-26 00:00:00