CVE-2018-10856
NONE EPSS 54.6%
Published Jul 3, 20188y ago · Modified Jun 17, 20262w ago
Published Jul 3, 2018 8y ago
Last Modified Jun 17, 2026 2w ago
Description
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
Threat Intelligence
EPSS Exploit Probability
54.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 2
CWE-250
CWE-732
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| libpod_project | libpod | * | <0.6.1 |
References 3
- access.redhat.com https://access.redhat.com/errata/RHSA-2018:2037
- bugzilla.redhat.com https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10856
- github.com https://github.com/projectatomic/libpod/commit/bae80a0b663925ec751ad2784ca32989403cdc24
Remediation
- github.com https://github.com/projectatomic/libpod/commit/bae80a0b663925ec751ad2784ca32989403cdc24