Medium severity5.3NVD Advisory· Published Jul 3, 2018· Updated Jun 17, 2026
CVE-2018-10856
CVE-2018-10856
Description
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/containers/podmanGo | < 0.6.1 | 0.6.1 |
Affected products
3- ghsa-coords2 versions
< 0.6.1+ 1 more
- (no CPE)range: < 0.6.1
- (no CPE)range: < 3.3.1-2.1
- Range: podman 0.6.1
Patches
Vulnerability mechanics
References
5- github.com/projectatomic/libpod/commit/bae80a0b663925ec751ad2784ca32989403cdc24nvdPatchThird Party AdvisoryWEB
- access.redhat.com/errata/RHSA-2018:2037nvdThird Party AdvisoryWEB
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party AdvisoryWEB
- github.com/advisories/GHSA-wp7w-vx86-vj9hghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-10856ghsaADVISORY
News mentions
0No linked articles in our index yet.