Benhoyt

#41043 of 53,633
6.5 Total CVSS
Vulnerabilities · 1
PT-2024-24617
6.5
2024-04-04
Pebble · Pebble · CVE-2024-3250
**Name of the Vulnerable Software and Affected Versions**

Pebble versions prior to 1.10.2. Pebble versions 1.1.1, 1.4.2, and 1.7.4 are fixed versions, but all other versions prior to 1.10.2 are considered vulnerable.

**Description**

The issue allows unprivileged local users to read files with root-equivalent permissions when Pebble is running as root. This is due to the read-file API and the associated `pebble pull` command allowing access from any user instead of only admin users. If an attacker gains local access to the container host, they could call the Pebble `GET /v1/files?action=read` API and read any file in the workload container, including sensitive information such as SSH keys or database passwords.

**Recommendations**

For Pebble versions prior to 1.10.2, update to version 1.10.2 or later to resolve the issue. For Pebble versions prior to 1.1.1, 1.4.2, and 1.7.4, update to the respective fixed version to resolve the issue. As a temporary workaround, consider restricting access to the Pebble `GET /v1/files?action=read` API to minimize the risk of exploitation.