Path Traversal Vulnerability in Buildah Allows Arbitrary File Write

Path Traversal Vulnerability in Buildah Allows Arbitrary File Write

CVE-2020-10696 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.

Learn more about our Cis Benchmark Audit For Server Software.