Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:10551

Опубликовано: 29 июл. 2025
Источник: rocky
Оценка: Important

Описание

Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

  • podman: podman missing TLS verification (CVE-2025-6032)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
aardvark-dnsx86_642.module+el8.10.0+2001+6a33db9faardvark-dns-1.10.1-2.module+el8.10.0+2001+6a33db9f.x86_64.rpm
aardvark-dnsx86_642.module+el8.10.0+1948+4b5cd4a9aardvark-dns-1.10.1-2.module+el8.10.0+1948+4b5cd4a9.x86_64.rpm
aardvark-dnsx86_642.module+el8.10.0+1896+b18fa106aardvark-dns-1.10.1-2.module+el8.10.0+1896+b18fa106.x86_64.rpm
aardvark-dnsx86_642.module+el8.10.0+1880+8e896d1baardvark-dns-1.10.1-2.module+el8.10.0+1880+8e896d1b.x86_64.rpm
aardvark-dnsx86_642.module+el8.10.0+1874+ce489889aardvark-dns-1.10.1-2.module+el8.10.0+1874+ce489889.x86_64.rpm
buildahx86_642.module+el8.10.0+2001+6a33db9fbuildah-1.33.12-2.module+el8.10.0+2001+6a33db9f.x86_64.rpm
buildah-testsx86_642.module+el8.10.0+2001+6a33db9fbuildah-tests-1.33.12-2.module+el8.10.0+2001+6a33db9f.x86_64.rpm
cockpit-podmannoarch1.module+el8.10.0+1872+2e18eb19cockpit-podman-84.1-1.module+el8.10.0+1872+2e18eb19.noarch.rpm
cockpit-podmannoarch1.module+el8.10.0+1843+6892ab28cockpit-podman-84.1-1.module+el8.10.0+1843+6892ab28.noarch.rpm
cockpit-podmannoarch1.module+el8.10.0+1825+623b0c20cockpit-podman-84.1-1.module+el8.10.0+1825+623b0c20.noarch.rpm

Показывать по

Связанные CVE

CVE-2025-6032

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2025-6032

CVSS3: 8.3
ubuntu
7 месяцев назад

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

redhat логотип

CVE-2025-6032

CVSS3: 8.3
redhat
7 месяцев назад

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

nvd логотип

CVE-2025-6032

CVSS3: 8.3
nvd
7 месяцев назад

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

msrc логотип

CVE-2025-6032

msrc
5 месяцев назад

Podman: podman missing tls verification

debian логотип

CVE-2025-6032

CVSS3: 8.3
debian
7 месяцев назад

A flaw was found in Podman. The podman machine init command fails to v ...