CVE-2019-25067

MEDIUM

Podman Varlink 1.5.1 - Remote Privilege Escalation

Title source: llm

Description

A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability.

Exploits (1)

exploitdb WORKING POC

by Jeremy Brown · pythonremotelinux

https://www.exploit-db.com/exploits/47500

View Code ZIP pw:eip

References (4)

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.143949

[Third Party Advisory] https://vuldb.com/?id.143949

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/47500

[Issue Tracking] https://github.com/containers/podman/issues/21628

Scores

CVSS v3 6.3

EPSS 0.0080

EPSS Percentile 73.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Classification

Status published

Affected Products (2)

podman_project/podman

varlink/varlink

Timeline

Published Jun 09, 2022

Tracked Since Feb 18, 2026