Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2025-8283

Опубликовано: 28 июл. 2025
Источник: nvd
CVSS3: 3.7
EPSS Низкий

Описание

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 11%
0.00037
Низкий

3.7 Low

CVSS3

Дефекты

CWE-15

Связанные уязвимости

ubuntu логотип

CVE-2025-8283

CVSS3: 3.7
ubuntu
6 месяцев назад

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.

redhat логотип

CVE-2025-8283

CVSS3: 3.7
redhat
6 месяцев назад

A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.

debian логотип

CVE-2025-8283

CVSS3: 3.7
debian
6 месяцев назад

A vulnerability was found in the netavark package, a network stack for ...

github логотип

GHSA-rpcf-rmh6-42xr

CVSS3: 3.7
github
6 месяцев назад

Netavark Has Possible DNS Resolve Confusion

fstec логотип

BDU:2025-10832

CVSS3: 3.7
fstec
6 месяцев назад

Уязвимость сетевого стека для управления сетями контейнеров Netavark, связанная с восстановлением измененной резервной копии конфигурации, позволяющая нарушителю получить доступ к конфиденциальной информации

EPSS

Процентиль: 11%
0.00037
Низкий

3.7 Low

CVSS3

Дефекты

CWE-15