Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).
CVSS Information
N/A
Vulnerability Type
信息暴露
Vulnerability Title
Buildah 信息泄露漏洞
Vulnerability Description
Buildah是一款支持构建OCI容器映像的工具。 Buildah存在安全漏洞,该漏洞源于在容器构建中运行的进程(例如Dockerfile RUN命令)可以访问父进程和祖父进程的环境变量。当在CI CD环境中的容器中运行时,环境变量可能包括与容器共享的敏感信息,以便仅由build本身使用(例如容器注册表凭证)。
CVSS Information
N/A
Vulnerability Type
N/A