CVE-2019-25067

Published: Jun 9, 2022Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

Affected (2)

Products: Podman Project: Podman · Varlink: Varlink

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Podman Project Podman	Version 1.5.1

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Varlink Varlink	Version 1.5.1

References (8)

https://github.com/containers/podman/issues/21628

Source: cna@vuldb.com

https://vuldb.com/?ctiid.143949

Source: cna@vuldb.com

https://vuldb.com/?id.143949

Source: cna@vuldb.com

Third Party Advisory

https://www.exploit-db.com/exploits/47500

Source: cna@vuldb.com

ExploitThird Party AdvisoryVDB Entry

https://github.com/containers/podman/issues/21628

Source: af854a3a-2127-422b-91ae-364da2661108

https://vuldb.com/?ctiid.143949

Source: af854a3a-2127-422b-91ae-364da2661108

https://vuldb.com/?id.143949

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.exploit-db.com/exploits/47500

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

Timeline

No history available yet.