CVE-2019-25067

Source
https://cve.org/CVERecord?id=CVE-2019-25067
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-25067.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-25067
Downstream
Published
2022-06-09T17:15:08.313Z
Modified
2026-07-08T05:55:30.672586707Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:varlink:varlink:1.5.1:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "1.5.1"
                },
                {
                    "last_affected": "1.5.1"
                }
            ],
            "vendor_product": "varlink:varlink",
            "source": "CPE_STRING"
        }
    ]
}
References

Affected packages

Git / github.com/podman-container-tools/podman

Affected ranges

Type
GIT
Repo
https://github.com/podman-container-tools/podman
Events
Database specific
{
    "cpe": "cpe:2.3:a:podman_project:podman:1.5.1:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "1.5.1"
        },
        {
            "last_affected": "1.5.1"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

1.*
1.5.1
v1.*
v1.5.1

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-25067.json"