Количество 6
Количество 6
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVE-2025-9566
Podman: podman kube play command may overwrite host files
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube p ...
GHSA-wp3j-xq48-xpjw
podman kube play symlink traversal vulnerability
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | CVSS3: 8.1 | 0% Низкий | 12 дней назад |
 | CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | CVSS3: 8.1 | 0% Низкий | 14 дней назад |
 | CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | CVSS3: 8.1 | 0% Низкий | 12 дней назад |
 | CVE-2025-9566 Podman: podman kube play command may overwrite host files | 0% Низкий | 11 дней назад | |
| CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube p ... | CVSS3: 8.1 | 0% Низкий | 12 дней назад |
| GHSA-wp3j-xq48-xpjw podman kube play symlink traversal vulnerability | CVSS3: 8.1 | 0% Низкий | 13 дней назад |
Уязвимостей на страницу