CVE-2020-1726

Name
CVE-2020-1726
Description
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1726
REDHAT https://access.redhat.com/errata/RHSA-2020:0680
SUSE http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00097.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00103.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:libpod_project:libpod:1.6.0:-:*:*:*:*:*:* libpod == None == 1.6.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status