CVE-2020-1702
Podman vulnerability analysis and mitigation

Overview

CVE-2020-1702 is a memory-exhaustion flaw in the containers/image Go library (the image-handling library used by podman, skopeo, buildah and CRI-O) in versions before 5.2.0. The vulnerability was reported in early 2020 and affects container hosts that pull images with this library, such as Red Hat Enterprise Linux systems running podman and OpenShift Container Platform. A malicious container image, or the registry serving it, can cause the pulling process to consume an unbounded amount of memory during the pull (Red Hat Bugzilla).

Technical details

The vulnerability stems from a design flaw in the pull path: the library buffers the image manifest returned by the registry entirely in memory with no upper bound on its size. Nothing in the protocol forces a manifest to be small, so a registry that returns a manifest body of arbitrary length (or simply never finishes sending it) makes the pulling process allocate memory until it fails. The issue has a CVSS v3.1 base score of 3.3 (LOW) with vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L: local attack vector, low attack complexity, no privileges required, user interaction required (a user has to start the pull of the malicious image), unchanged scope, no confidentiality or integrity impact, and low availability impact (NVD).
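The pattern described above, shown as an added example that is not code from the containers/image project or from this page: an unbounded read of the manifest body beside a bounded read that rejects bodies over a fixed cap. The 4 MiB limit, the function names and the sample manifest are this example's own assumptions; containers/image 5.2.0 introduced per-body size limits of this kind, but its exact names and values are not reproduced here.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"strings"
)

// maxManifestBodySize is the assumed cap on one manifest body. The value is
// this example's own, not the library's constant.
const maxManifestBodySize = 4 * 1024 * 1024 // 4 MiB

var errBodyTooLarge = errors.New("registry response body exceeds size limit")

// readManifestUnbounded is the pre-fix pattern: the whole body is buffered.
// Whatever the registry chooses to send is what this process allocates.
func readManifestUnbounded(body io.Reader) ([]byte, error) {
	return io.ReadAll(body)
}

// readAtMost buffers at most limit bytes. It reads through a LimitReader of
// limit+1 so an over-limit body is detected while holding only one extra
// byte, and an endless body stops at the cap instead of exhausting memory.
func readAtMost(body io.Reader, limit int) ([]byte, error) {
	buf, err := io.ReadAll(io.LimitReader(body, int64(limit)+1))
	if err != nil {
		return nil, err
	}
	if len(buf) > limit {
		return nil, errBodyTooLarge
	}
	return buf, nil
}

// layer and manifest cover only the manifest fields this example decodes.
type layer struct {
	Digest string `json:"digest"`
	Size   int64  `json:"size"`
}

type manifest struct {
	SchemaVersion int     `json:"schemaVersion"`
	MediaType     string  `json:"mediaType"`
	Layers        []layer `json:"layers"`
}

// parseManifest is the hardened pull step: cap the body first, then decode.
func parseManifest(body io.Reader) (*manifest, error) {
	raw, err := readAtMost(body, maxManifestBodySize)
	if err != nil {
		return nil, fmt.Errorf("reading manifest: %w", err)
	}
	var m manifest
	if err := json.Unmarshal(raw, &m); err != nil {
		return nil, fmt.Errorf("decoding manifest: %w", err)
	}
	return &m, nil
}

// sampleManifest is a constructed, well-formed manifest body.
const sampleManifest = `{"schemaVersion":2,"mediaType":"application/vnd.oci.image.manifest.v1+json",
"layers":[{"digest":"sha256:0000000000000000000000000000000000000000000000000000000000000000","size":1234}]}`

// endlessBody models a malicious registry that never finishes sending: every
// Read returns more bytes and never reports io.EOF.
type endlessBody struct{}

func (endlessBody) Read(p []byte) (int, error) {
	for i := range p {
		p[i] = ' '
	}
	return len(p), nil
}

// oversizedBody is a constructed finite body just over the cap: the sample
// manifest padded with whitespace, which a JSON decoder alone would accept.
func oversizedBody() io.Reader {
	padding := strings.Repeat(" ", maxManifestBodySize)
	return io.MultiReader(strings.NewReader(sampleManifest), strings.NewReader(padding))
}

func main() {
	if m, err := parseManifest(strings.NewReader(sampleManifest)); err == nil {
		fmt.Println("well-formed manifest: layers =", len(m.Layers))
	}
	_, err := parseManifest(oversizedBody())
	fmt.Println("oversized body:", err)

	_, err = readAtMost(endlessBody{}, 1024)
	fmt.Println("endless body:", err)

	raw, _ := readManifestUnbounded(oversizedBody())
	fmt.Println("unbounded read buffered", len(raw), "bytes")
}
```

The bounded reader is the whole fix in miniature: the cap is applied before the bytes are trusted for anything, including JSON decoding, and a body that never ends is cut off at the limit rather than read forever. The same treatment belongs on every registry-supplied body a pull buffers in memory, not only the manifest.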

Impact

When exploited, this vulnerability causes a denial of service: the process pulling the image allocates memory without bound and crashes or is killed by the kernel's out-of-memory handling. The impact is limited to availability of that process (and of whatever else on the host competes for memory), and it affects any user with privileges to pull container images, since pulling an attacker-controlled image is all that is required (Red Hat Bugzilla).

Mitigation and workarounds

The vulnerability was fixed upstream in containers/image version 5.2.0. Because podman and the other consumers vendor this library into their statically linked binaries, the fix reaches a host through updated packages of those tools rather than a separate library package, so the check is the installed version of podman (or of the affected OpenShift component) against the fixed versions named in the advisory for your release. Red Hat has released several security advisories to address this issue across their product line, including RHSA-2020:1227, RHSA-2020:1234, RHSA-2020:1650, and RHSA-2020:2116 for various versions of Red Hat Enterprise Linux and OpenShift Container Platform (Red Hat Bugzilla). There is no configuration workaround that bounds the read short of updating; until then, pull only from registries you control or trust.

Source: This report was generated using AI.