Libpod Project: >> Libpod >> 1.4.0 Security Vulnerabilities
An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the container to the host, because an undesired glob operation occurs. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with others from the host.
CVSS Score
5.5
EPSS Score
0.008
Published
2019-10-28