CVE-2019-25067
8.8
HIGH
CVSS 3.1
EPSS 0.80%
Description
A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.
How to fix CVE-2019-25067
To remediate CVE-2019-25067, upgrade the affected package to a fixed version below.
- —upgrade to 3.0.0+dfsg1-1 or later
Is CVE-2019-25067 being exploited?
Low — EPSS is 0.8%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 3.0.0+dfsg1-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |