CVE-2021-20188

EPSS 0.08% · P25 Updated Feb 24, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-20188

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

授权机制不正确

Source: NVD (National Vulnerability Database)

Vulnerability Title

Podman 访问控制错误漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Podman中存在访问控制错误漏洞，该漏洞源于未正确检查在特权容器中运行的非根用户的文件权限。容器中的低权限用户可能会滥用此漏洞来访问容器中的任何其他文件。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	podman	podman 1.7.0	-

II. Public POCs for CVE-2021-20188

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-20188

请登录查看更多情报信息。

Same Patch Batch · n/a · 2021-02-11 · 23 CVEs total

CVE-2021-23335	7.5 HIGH	LDAP Injection
CVE-2021-22658		Advantech Iview SQL注入漏洞
CVE-2021-21976		vSphere Replication 命令注入漏洞
CVE-2020-9307		Hirschmann 安全漏洞
CVE-2019-19005		AutoTrace 资源管理错误漏洞
CVE-2019-19004		AutoTrace 输入验证错误漏洞
CVE-2020-25493		Oclean Mobile Application 加密问题漏洞
CVE-2021-27191		Joe Schofield Get-ip-range 输入验证错误漏洞
CVE-2021-22881		Rails Action Pack 输入验证错误漏洞
CVE-2021-22880		Postgresql PostgreSQL 资源管理错误漏洞
CVE-2021-22652		Advantech Iview 访问控制错误漏洞
CVE-2021-22656		Advantech Iview 路径遍历漏洞
CVE-2020-35498		Openvswitch 资源管理错误漏洞
CVE-2021-22654		Advantech Iview SQL注入漏洞
CVE-2020-10734		Keycloak 跨站请求伪造漏洞
CVE-2020-1717		Keycloak 安全漏洞
CVE-2021-25688		Teradici PCoIP Agents 日志信息泄露漏洞
CVE-2021-25689		Teradici PCoIP soft client 缓冲区错误漏洞
CVE-2021-25690		Teradici PCoIP Soft Client 代码问题漏洞
CVE-2020-13186		Teradici Cloud Access Connector 跨站请求伪造漏洞

Showing top 20 of 23 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: podman

Same vendor: n/a

Same weakness: CWE-863

V. Comments for CVE-2021-20188

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-20188

I. Basic Information for CVE-2021-20188

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-20188

III. Intelligence Information for CVE-2021-20188

Same Patch Batch · n/a · 2021-02-11 · 23 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-20188

Leave a comment