An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2020-09-23T00:00:00
Updated: 2024-08-04T12:46:33.326Z
Reserved: 2020-06-17T00:00:00
Link: CVE-2020-14370
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-23T13:15:15.563
Modified: 2024-11-21T05:03:06.747
Link: CVE-2020-14370
Redhat