Moderate severityNVD Advisory· Published Feb 2, 2021· Updated Aug 3, 2024
CVE-2021-20199
CVE-2021-20199
Description
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/containers/podman/v3Go | < 3.0.0 | 3.0.0 |
Affected products
59- Podman/Podmandescription
- ghsa-coords58 versionspkg:golang/github.com/containers/podman/v3pkg:rpm/almalinux/cockpit-podmanpkg:rpm/almalinux/conmonpkg:rpm/almalinux/containernetworking-pluginspkg:rpm/almalinux/critpkg:rpm/almalinux/criupkg:rpm/almalinux/fuse-overlayfspkg:rpm/almalinux/libslirppkg:rpm/almalinux/libslirp-develpkg:rpm/almalinux/podmanpkg:rpm/almalinux/podman-dockerpkg:rpm/almalinux/podman-gvproxypkg:rpm/almalinux/podman-pluginspkg:rpm/almalinux/podman-remotepkg:rpm/almalinux/podman-testspkg:rpm/almalinux/python3-criupkg:rpm/almalinux/slirp4netnspkg:rpm/almalinux/udicapkg:rpm/opensuse/conmon&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/libcontainers-common&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/libcontainers-common&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/libseccomp&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%20Micro%205.2pkg:rpm/opensuse/podman&distro=openSUSE%20Leap%20Micro%205.3pkg:rpm/opensuse/podman&distro=openSUSE%20Tumbleweedpkg:rpm/suse/conmon&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/conmon&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP3pkg:rpm/suse/libcontainers-common&distro=SUSE%20Enterprise%20Storage%206pkg:rpm/suse/libcontainers-common&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-ESPOSpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSSpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-BCLpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSSpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1pkg:rpm/suse/libcontainers-common&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/libcontainers-common&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/libcontainers-common&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/libcontainers-common&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/libseccomp&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/libseccomp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP3pkg:rpm/suse/podman&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.1pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.2pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP3pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP4pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
< 3.0.0+ 57 more
- (no CPE)range: < 3.0.0
- (no CPE)range: < 29-2.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 2:2.0.26-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 0.9.1-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 3.15-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 3.15-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 1.4.0-2.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 4.3.1-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 4.3.1-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 2:4.2.0-3.el9
- (no CPE)range: < 2:4.2.0-3.el9
- (no CPE)range: < 2:4.2.0-3.el9
- (no CPE)range: < 2:4.2.0-3.el9
- (no CPE)range: < 2:4.2.0-3.el9
- (no CPE)range: < 2:4.2.0-3.el9
- (no CPE)range: < 3.15-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 1.1.8-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 0.2.4-1.module_el8.6.0+2876+9ed4eae2
- (no CPE)range: < 2.0.30-150300.8.3.1
- (no CPE)range: < 20210626-150300.8.3.1
- (no CPE)range: < 20210626-7.1
- (no CPE)range: < 2.5.3-150300.10.5.1
- (no CPE)range: < 3.4.4-150300.9.3.2
- (no CPE)range: < 4.3.1-150400.4.11.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150400.4.11.1
- (no CPE)range: < 3.3.1-2.1
- (no CPE)range: < 2.0.30-150300.8.3.1
- (no CPE)range: < 2.0.30-150300.8.3.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150300.8.3.1
- (no CPE)range: < 20210626-150300.8.3.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 20210626-150100.3.15.1
- (no CPE)range: < 2.5.3-150300.10.5.1
- (no CPE)range: < 2.5.3-150300.10.5.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150400.4.11.1
- (no CPE)range: < 3.4.4-150300.9.3.2
- (no CPE)range: < 4.3.1-150400.4.11.1
- (no CPE)range: < 4.3.1-150300.9.15.1
- (no CPE)range: < 4.3.1-150300.9.15.1
Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-grh6-q6m2-rh72ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-20199ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsax_refsource_MISCWEB
- github.com/containers/podman/issues/5138ghsax_refsource_MISCWEB
- github.com/containers/podman/pull/9052ghsax_refsource_MISCWEB
- github.com/containers/podman/pull/9225ghsaWEB
- github.com/containers/podman/releases/tag/v3.0.0-rc3ghsaWEB
- github.com/rootless-containers/rootlesskit/pull/206ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.