Authentication Bypass by Primary Weakness Affecting podman-remote package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS8-PODMANREMOTE-2881866
- published 16 Jun 2022
- disclosed 9 Jun 2019
Introduced: 9 Jun 2019
CVE-2019-25067 Open this link in a new tabHow to fix?
There is no fixed version for Centos:8
podman-remote
.
NVD Description
Note: Versions mentioned in the description apply only to the upstream podman-remote
package and not the podman-remote
package as distributed by Centos
.
See How to fix?
for Centos:8
relevant fixed versions and status.
A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.