A path traversal flaw was found in Buildah in versions prior to 1.14.5. This flaw allows an malicious user to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
buildah project buildah |
||
redhat enterprise linux 7.0 |
||
redhat openshift container platform 3.11 |
||
redhat enterprise linux 8.0 |