Buildah_project Buildah
6 CVEs affecting Buildah_project Buildah. Latest disclosed: 2024-10-09. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-10696 | High | 8.8 | 2020-03-31 | A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image ho… |
CVE-2024-9675 | High | 7.8 | 2024-10-09 | A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a… |
CVE-2022-2990 | High | 7.1 | 2022-09-13 | An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modificat… |
CVE-2022-27651 | Medium | 6.8 | 2022-04-04 | A flaw was found in buildah where containers were incorrectly started with non-empty default permissions. A bug was found in Moby (Docker Engine) where contain… |
CVE-2019-10214 | Medium | 5.9 | 2019-11-25 | The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Pla… |
CVE-2021-3602 | Medium | 5.5 | 2022-03-03 | An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RU… |