Published: 02/02/2021 Updated: 26/02/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.

Vulnerable Product	Search on Vulmon	Subscribe to Product
podman project podman

Synopsis Moderate: podman security and bug fix update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for podman is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as h ...

Rootless containers run with Podman receive all traffic with a source IP address of 127001 (including from remote hosts) This impacts containerized applications that trust localhost (127001) connections by default and do not require authentication ...

CWE-346 https://bugzilla.redhat.com/show_bug.cgi?id=1919050 https://github.com/containers/podman/issues/5138 https://github.com/containers/podman/pull/9052 https://github.com/rootless-containers/rootlesskit/pull/206 https://access.redhat.com/errata/RHSA-2022:7954 https://nvd.nist.gov https://security.archlinux.org/CVE-2021-20199

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-20199

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect