CVE-2024-7387— Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy

CVSS 9.1 · Critical EPSS 0.79% · P74 Updated Mar 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2024-7387

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy

Source: NVD (National Vulnerability Database)

Vulnerability Description

A flaw was found in openshift/builder. This vulnerability allows command injection via path traversal, where a malicious user can execute arbitrary commands on the OpenShift node running the builder container. When using the “Docker” strategy, executable files inside the privileged build container can be overridden using the `spec.source.secrets.secret.destinationDir` attribute of the `BuildConfig` definition. An attacker running code in a privileged container could escalate their permissions on the node running the container.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

带着不必要的权限执行

Source: NVD (National Vulnerability Database)

Vulnerability Title

Red Hat OpenShift Container Platform 安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Red Hat OpenShift Container Platform是美国红帽（Red Hat）公司的一套可帮助企业在物理、虚拟和公共云基础架构之间开发、部署和管理现有基于容器的应用程序的应用平台。 Red Hat OpenShift Container Platform 4存在安全漏洞，该漏洞源于openshift/builder允许通过路径穿越进行命令注入，恶意用户可以在运行构建器容器的OpenShift节点上执行任意命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE
Red Hat	Red Hat OpenShift Container Platform 4.12	v4.12.0-202409121032.p1.g609473f.assembly.stream.el8 ~ *	`cpe:/a:redhat:openshift:4.12::el8`
Red Hat	Red Hat OpenShift Container Platform 4.13	v4.13.0-202409120505.p1.g2c7e99d.assembly.stream.el8 ~ *	`cpe:/a:redhat:openshift:4.13::el8`
Red Hat	Red Hat OpenShift Container Platform 4.14	v4.14.0-202409111409.p1.g52565ca.assembly.stream.el8 ~ *	`cpe:/a:redhat:openshift:4.14::el8`
Red Hat	Red Hat OpenShift Container Platform 4.15	v4.15.0-202409101936.p1.ge7749a3.assembly.stream.el8 ~ *	`cpe:/a:redhat:openshift:4.15::el8`
Red Hat	Red Hat OpenShift Container Platform 4.16	v4.16.0-202409101737.p1.gfee4b58.assembly.stream.el9 ~ *	`cpe:/a:redhat:openshift:4.16::el9`
Red Hat	Red Hat OpenShift Container Platform 4.17	v4.17.0-202409122005.p1.gcfcf3bd.assembly.stream.el9 ~ *	`cpe:/a:redhat:openshift:4.17::el9`

II. Public POCs for CVE-2024-7387

#	POC Description	Source Link	Shenlong Link
1	None	https://github.com/tevelsho/cve-2024-7387	POC Details
2	overwrites system binaries allowing priv esc from dev to worker node	https://github.com/0xSigSegv0x00/cve-2024-7387	POC Details
3	poc for path traversal allowing privilege escalation from developer to worker node	https://github.com/fatcatresearch/cve-2024-7387	POC Details
4	developer-to-node privilege escalation via path traversal	https://github.com/pwnc4t/cve-2024-7387	POC Details
5	openshift privilege escalation exploit	https://github.com/tevsho/cve-2024-7387	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2024-7387

请登录查看更多情报信息。

CVE-2024-7387: Prevent Build Inputs "Zip-Slip" · openshift/builder@0b62633 · GitHub
[Advisory - Red Hat, OpenShift Container Platform] Path traversal allows command injection in privileged BuildContainer using docker build strategy | Red vs. Blue Shell
2302259 – (CVE-2024-7387) CVE-2024-7387 openshift/builder: Path traversal allows command injection in privileged BuildContainer using docker build strategyissue-trackingx_refsource_REDHAT
RHSA-2024:6691 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
RHSA-2024:6705 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
RHSA-2024:6689 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
RHSA-2024:3718 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
RHSA-2024:6687 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
RHSA-2024:6685 - Security Advisory - Red Hat Customer Portalvendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2024-7387

IV. Related Vulnerabilities

Same weakness: CWE-250

V. Comments for CVE-2024-7387

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2024-7387— Openshift/builder: path traversal allows command injection in privileged buildcontainer using docker build strategy

I. Basic Information for CVE-2024-7387

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2024-7387

III. Intelligence Information for CVE-2024-7387

IV. Related Vulnerabilities

V. Comments for CVE-2024-7387

Leave a comment