CVE-2019-25067

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

Published: Jun 9, 2022
Updated: Feb 17, 2024
CVE: CVE-2019-25067
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
podman_project / podman	1.5.1	1.5.1.x
varlink / varlink	1.5.1	1.5.1.x

https://github.com/containers/podman/issues/21628
https://vuldb.com/?ctiid.143949
https://vuldb.com/?id.143949
https://www.exploit-db.com/exploits/47500

Vulnerability Database

289,599

CVE-2019-25067