An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:NPodman Project Podman
APPPodman Projectwszystkie wersjeRed Hat Enterprise Linux
OSRedhat7.08.09.0Red Hat OpenShift Container Platform
APPRedhat3.114.0
Powiązane podatności
Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. A...
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main...
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/...