CVE-2020-10696 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2020-10696 Interim 1 69 2026-03-05T05:54:02Z current 2021-05-30T14:38:43Z 2026-03-05T05:54:02Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2020-10696 A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-updates/2022-October/025850.html E-Mail link for SUSE-CU-2022:2741-1 https://lists.suse.com/pipermail/sle-security-updates/2022-October/012736.html E-Mail link for SUSE-CU-2022:2742-1 https://lists.suse.com/pipermail/sle-security-updates/2022-October/012737.html E-Mail link for SUSE-CU-2022:2743-1 https://lists.suse.com/pipermail/sle-security-updates/2022-October/012738.html E-Mail link for SUSE-CU-2022:2744-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/012798.html E-Mail link for SUSE-CU-2022:2800-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/012818.html E-Mail link for SUSE-CU-2022:2809-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/013171.html E-Mail link for SUSE-CU-2022:3263-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/013172.html E-Mail link for SUSE-CU-2022:3264-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/013173.html E-Mail link for SUSE-CU-2022:3265-1 https://lists.suse.com/pipermail/sle-security-updates/2023-April/014555.html E-Mail link for SUSE-CU-2023:1261-1 https://lists.suse.com/pipermail/sle-security-updates/2023-April/014556.html E-Mail link for SUSE-CU-2023:1262-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013935.html E-Mail link for SUSE-CU-2023:496-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013937.html E-Mail link for SUSE-CU-2023:499-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013938.html E-Mail link for SUSE-CU-2023:500-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013939.html E-Mail link for SUSE-CU-2023:501-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013940.html E-Mail link for SUSE-CU-2023:502-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013941.html E-Mail link for SUSE-CU-2023:503-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013942.html E-Mail link for SUSE-CU-2023:504-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013943.html E-Mail link for SUSE-CU-2023:505-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013944.html E-Mail link for SUSE-CU-2023:506-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013945.html E-Mail link for SUSE-CU-2023:507-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013946.html E-Mail link for SUSE-CU-2023:508-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013947.html E-Mail link for SUSE-CU-2023:509-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013948.html E-Mail link for SUSE-CU-2023:510-1 https://lists.suse.com/pipermail/sle-security-updates/2023-March/013949.html E-Mail link for SUSE-CU-2023:511-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/013038.html E-Mail link for SUSE-IU-2022:1130-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/013054.html E-Mail link for SUSE-IU-2022:1133-1 https://lists.suse.com/pipermail/sle-security-updates/2022-November/013055.html E-Mail link for SUSE-IU-2022:1134-1 https://lists.suse.com/pipermail/sle-security-updates/2020-November/007820.html E-Mail link for SUSE-SU-2020:3423-1 https://lists.suse.com/pipermail/sle-security-updates/2022-March/010404.html E-Mail link for SUSE-SU-2022:0770-1 https://lists.suse.com/pipermail/sle-security-updates/2022-September/012462.html E-Mail link for SUSE-SU-2022:3480-1 https://lists.suse.com/pipermail/sle-security-updates/2022-October/012578.html E-Mail link for SUSE-SU-2022:3655-1 https://lists.suse.com/pipermail/sle-security-updates/2022-October/012703.html E-Mail link for SUSE-SU-2022:3766-1 https://lists.suse.com/pipermail/sle-security-updates/2022-December/013200.html E-Mail link for SUSE-SU-2022:4349-1 https://lists.suse.com/pipermail/sle-security-updates/2022-December/013201.html E-Mail link for SUSE-SU-2022:4350-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q7YYGMTZ4T4RLHDVCMQD3K6CDIAXO3O3/ E-Mail link for openSUSE-SU-2020:2106-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/P4DQSPUPKAZCPS5MQYTAYGS7YM76UIHZ/ E-Mail link for openSUSE-SU-2021:0310-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFIDXN6UAK2I4PPVFPBE4STNQH2FZQ4A/ E-Mail link for openSUSE-SU-2022:0770-1 https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/QTUY324RV3FFZBHVIWDHRCIOPJHIJIN4/ E-Mail link for openSUSE-SU-2024:14599-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Enterprise Storage 7 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Liberty Linux 8 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Module for Containers 15 SP6 SUSE Linux Enterprise Module for Containers 15 SP7 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Server 15 SP1-BCL SUSE Linux Enterprise Server 15 SP1-LTSS SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise Server 15 SP2-BCL SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Server 15 SP4-TERADATA SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Module for Containers 15 SP6 SUSE Linux Enterprise Module for Containers 15 SP7 SUSE Linux Enterprise Server 16.0 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP5 SUSE Linux Enterprise Module for Containers 15 SP6 SUSE Linux Enterprise Module for Containers 15 SP7 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Manager Proxy 4.1 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Manager Retail Branch Server 4.1 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Containers 15 SP2 SUSE Manager Server 4.1 SUSE Linux Enterprise Module for Containers 15 SP3 SUSE Linux Enterprise Module for Containers 15 SP4 openSUSE Leap 15.1 openSUSE Leap 15.2 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Tumbleweed buildah-1.11.6-8.module+el8.2.0+6368+cf16aa14 buildah-1.17.0-3.6.1 buildah-1.17.0-lp151.2.6.1 buildah-1.19.2-lp152.2.3.1 buildah-1.23.0-1.1 buildah-1.25.1-150100.3.13.12 buildah-1.28.2-150300.8.14.1 buildah-1.28.2-150400.3.11.1 buildah-1.29.1-150500.1.13 buildah-1.34.1-150500.3.7.1 buildah-1.35.5-150500.3.34.1 buildah-1.39.4-160000.2.2 buildah-tests-1.11.6-8.module+el8.2.0+6368+cf16aa14 govulncheck-vulndb-0.0.20241213T205935-1.1 govulncheck-vulndb-0.0.20250814T182633-160000.1.2 buildah-1.25.1-150100.3.13.12 as a component of SUSE CaaS Platform 4.0 buildah-1.25.1-150100.3.13.12 as a component of SUSE Enterprise Storage 6 buildah-1.25.1-150100.3.13.12 as a component of SUSE Enterprise Storage 7 buildah-1.11.6-8.module+el8.2.0+6368+cf16aa14 as a component of SUSE Liberty Linux 8 buildah-tests-1.11.6-8.module+el8.2.0+6368+cf16aa14 as a component of SUSE Liberty Linux 8 buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS buildah-1.17.0-3.6.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP1 buildah-1.17.0-3.6.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP2 buildah-1.17.0-3.6.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP3 buildah-1.28.2-150400.3.11.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP4 buildah-1.29.1-150500.1.13 as a component of SUSE Linux Enterprise Module for Containers 15 SP5 buildah-1.34.1-150500.3.7.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP6 buildah-1.35.5-150500.3.34.1 as a component of SUSE Linux Enterprise Module for Containers 15 SP7 buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise Server 15 SP1-BCL buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise Server 15 SP1-LTSS buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise Server 15 SP2-BCL buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS buildah-1.28.2-150400.3.11.1 as a component of SUSE Linux Enterprise Server 15 SP4-TERADATA buildah-1.39.4-160000.2.2 as a component of SUSE Linux Enterprise Server 16.0 govulncheck-vulndb-0.0.20250814T182633-160000.1.2 as a component of SUSE Linux Enterprise Server 16.0 buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP1 buildah-1.25.1-150100.3.13.12 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 buildah-1.25.1-150100.3.13.12 as a component of SUSE Manager Proxy 4.1 buildah-1.25.1-150100.3.13.12 as a component of SUSE Manager Retail Branch Server 4.1 buildah-1.25.1-150100.3.13.12 as a component of SUSE Manager Server 4.1 buildah-1.17.0-lp151.2.6.1 as a component of openSUSE Leap 15.1 buildah-1.19.2-lp152.2.3.1 as a component of openSUSE Leap 15.2 buildah-1.28.2-150300.8.14.1 as a component of openSUSE Leap 15.3 buildah-1.28.2-150400.3.11.1 as a component of openSUSE Leap 15.4 buildah-1.23.0-1.1 as a component of openSUSE Tumbleweed govulncheck-vulndb-0.0.20241213T205935-1.1 as a component of openSUSE Tumbleweed A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. CVE-2020-10696 SUSE CaaS Platform 4.0:buildah-1.25.1-150100.3.13.12 SUSE Enterprise Storage 6:buildah-1.25.1-150100.3.13.12 SUSE Enterprise Storage 7:buildah-1.25.1-150100.3.13.12 SUSE Liberty Linux 8:buildah-1.11.6-8.module+el8.2.0+6368+cf16aa14 SUSE Liberty Linux 8:buildah-tests-1.11.6-8.module+el8.2.0+6368+cf16aa14 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise Module for Containers 15 SP1:buildah-1.17.0-3.6.1 SUSE Linux Enterprise Module for Containers 15 SP2:buildah-1.17.0-3.6.1 SUSE Linux Enterprise Module for Containers 15 SP3:buildah-1.17.0-3.6.1 SUSE Linux Enterprise Module for Containers 15 SP4:buildah-1.28.2-150400.3.11.1 SUSE Linux Enterprise Module for Containers 15 SP5:buildah-1.29.1-150500.1.13 SUSE Linux Enterprise Module for Containers 15 SP6:buildah-1.34.1-150500.3.7.1 SUSE Linux Enterprise Module for Containers 15 SP7:buildah-1.35.5-150500.3.34.1 SUSE Linux Enterprise Server 15 SP1-BCL:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise Server 15 SP1-LTSS:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise Server 15 SP2-BCL:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise Server 15 SP2-LTSS:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise Server 15 SP4-TERADATA:buildah-1.28.2-150400.3.11.1 SUSE Linux Enterprise Server 16.0:buildah-1.39.4-160000.2.2 SUSE Linux Enterprise Server 16.0:govulncheck-vulndb-0.0.20250814T182633-160000.1.2 SUSE Linux Enterprise Server for SAP Applications 15 SP1:buildah-1.25.1-150100.3.13.12 SUSE Linux Enterprise Server for SAP Applications 15 SP2:buildah-1.25.1-150100.3.13.12 SUSE Manager Proxy 4.1:buildah-1.25.1-150100.3.13.12 SUSE Manager Retail Branch Server 4.1:buildah-1.25.1-150100.3.13.12 SUSE Manager Server 4.1:buildah-1.25.1-150100.3.13.12 openSUSE Leap 15.1:buildah-1.17.0-lp151.2.6.1 openSUSE Leap 15.2:buildah-1.19.2-lp152.2.3.1 openSUSE Leap 15.3:buildah-1.28.2-150300.8.14.1 openSUSE Leap 15.4:buildah-1.28.2-150400.3.11.1 openSUSE Tumbleweed:buildah-1.23.0-1.1 openSUSE Tumbleweed:govulncheck-vulndb-0.0.20241213T205935-1.1 important 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H