CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10696

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.4%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.3

References

Products affected by CVE-2020-10696

Buildah Project » Buildah » Version: N/A

cpe:2.3:a:buildah_project:buildah:-
Buildah Project » Buildah » Version: 0.1

cpe:2.3:a:buildah_project:buildah:0.1
Buildah Project » Buildah » Version: 0.10

cpe:2.3:a:buildah_project:buildah:0.10
Buildah Project » Buildah » Version: 0.11

cpe:2.3:a:buildah_project:buildah:0.11
Buildah Project » Buildah » Version: 0.12

cpe:2.3:a:buildah_project:buildah:0.12
Buildah Project » Buildah » Version: 0.14

cpe:2.3:a:buildah_project:buildah:0.14
Buildah Project » Buildah » Version: 0.15

cpe:2.3:a:buildah_project:buildah:0.15
Buildah Project » Buildah » Version: 0.16.0

cpe:2.3:a:buildah_project:buildah:0.16.0
Buildah Project » Buildah » Version: 0.2

cpe:2.3:a:buildah_project:buildah:0.2
Buildah Project » Buildah » Version: 0.3

cpe:2.3:a:buildah_project:buildah:0.3
Buildah Project » Buildah » Version: 0.4

cpe:2.3:a:buildah_project:buildah:0.4
Buildah Project » Buildah » Version: 0.5

cpe:2.3:a:buildah_project:buildah:0.5
Buildah Project » Buildah » Version: 0.6

cpe:2.3:a:buildah_project:buildah:0.6
Buildah Project » Buildah » Version: 0.7

cpe:2.3:a:buildah_project:buildah:0.7
Buildah Project » Buildah » Version: 0.8

cpe:2.3:a:buildah_project:buildah:0.8
Buildah Project » Buildah » Version: 0.9

cpe:2.3:a:buildah_project:buildah:0.9
Buildah Project » Buildah » Version: 1.0

cpe:2.3:a:buildah_project:buildah:1.0
Buildah Project » Buildah » Version: 1.1

cpe:2.3:a:buildah_project:buildah:1.1
Buildah Project » Buildah » Version: 1.10.0

cpe:2.3:a:buildah_project:buildah:1.10.0
Buildah Project » Buildah » Version: 1.10.1

cpe:2.3:a:buildah_project:buildah:1.10.1
Buildah Project » Buildah » Version: 1.11.0

cpe:2.3:a:buildah_project:buildah:1.11.0
Buildah Project » Buildah » Version: 1.11.1

cpe:2.3:a:buildah_project:buildah:1.11.1
Buildah Project » Buildah » Version: 1.11.2

cpe:2.3:a:buildah_project:buildah:1.11.2
Buildah Project » Buildah » Version: 1.11.3

cpe:2.3:a:buildah_project:buildah:1.11.3
Buildah Project » Buildah » Version: 1.11.4

cpe:2.3:a:buildah_project:buildah:1.11.4
Buildah Project » Buildah » Version: 1.11.5

cpe:2.3:a:buildah_project:buildah:1.11.5
Buildah Project » Buildah » Version: 1.11.6

cpe:2.3:a:buildah_project:buildah:1.11.6
Buildah Project » Buildah » Version: 1.12.0

cpe:2.3:a:buildah_project:buildah:1.12.0
Buildah Project » Buildah » Version: 1.13.0

cpe:2.3:a:buildah_project:buildah:1.13.0
Buildah Project » Buildah » Version: 1.13.1

cpe:2.3:a:buildah_project:buildah:1.13.1
Buildah Project » Buildah » Version: 1.13.2

cpe:2.3:a:buildah_project:buildah:1.13.2
Buildah Project » Buildah » Version: 1.14.0

cpe:2.3:a:buildah_project:buildah:1.14.0
Buildah Project » Buildah » Version: 1.14.1

cpe:2.3:a:buildah_project:buildah:1.14.1
Buildah Project » Buildah » Version: 1.14.2

cpe:2.3:a:buildah_project:buildah:1.14.2
Buildah Project » Buildah » Version: 1.14.3

cpe:2.3:a:buildah_project:buildah:1.14.3
Buildah Project » Buildah » Version: 1.2

cpe:2.3:a:buildah_project:buildah:1.2
Buildah Project » Buildah » Version: 1.3

cpe:2.3:a:buildah_project:buildah:1.3
Buildah Project » Buildah » Version: 1.4

cpe:2.3:a:buildah_project:buildah:1.4
Buildah Project » Buildah » Version: 1.5

cpe:2.3:a:buildah_project:buildah:1.5
Buildah Project » Buildah » Version: 1.6

cpe:2.3:a:buildah_project:buildah:1.6
Buildah Project » Buildah » Version: 1.7

cpe:2.3:a:buildah_project:buildah:1.7
Buildah Project » Buildah » Version: 1.7.1

cpe:2.3:a:buildah_project:buildah:1.7.1
Buildah Project » Buildah » Version: 1.7.2

cpe:2.3:a:buildah_project:buildah:1.7.2
Buildah Project » Buildah » Version: 1.7.3

cpe:2.3:a:buildah_project:buildah:1.7.3
Buildah Project » Buildah » Version: 1.8.0

cpe:2.3:a:buildah_project:buildah:1.8.0
Buildah Project » Buildah » Version: 1.8.1

cpe:2.3:a:buildah_project:buildah:1.8.1
Buildah Project » Buildah » Version: 1.8.2

cpe:2.3:a:buildah_project:buildah:1.8.2
Buildah Project » Buildah » Version: 1.8.3

cpe:2.3:a:buildah_project:buildah:1.8.3
Buildah Project » Buildah » Version: 1.8.4

cpe:2.3:a:buildah_project:buildah:1.8.4
Buildah Project » Buildah » Version: 1.9.0

cpe:2.3:a:buildah_project:buildah:1.9.0
Buildah Project » Buildah » Version: 1.9.1

cpe:2.3:a:buildah_project:buildah:1.9.1
Buildah Project » Buildah » Version: 1.9.2

cpe:2.3:a:buildah_project:buildah:1.9.2
Redhat » Openshift Container Platform » Version: 3.11

cpe:2.3:a:redhat:openshift_container_platform:3.11
Redhat » Enterprise Linux » Version: 7.0

cpe:2.3:o:redhat:enterprise_linux:7.0
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-10696

Products

Pricing

Contact Us