Podman Elevated Container Privileges
High severity
GitHub Reviewed
Published
May 13, 2022
to the GitHub Advisory Database
•
Updated Sep 16, 2024
Description
Published by the National Vulnerability Database
Jul 3, 2018
Published to the GitHub Advisory Database
May 13, 2022
Reviewed
Jul 21, 2023
Last updated
Sep 16, 2024
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
References