Количество 19
Количество 19
GHSA-wp3j-xq48-xpjw
podman kube play symlink traversal vulnerability
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
CVE-2025-9566
Podman: podman kube play command may overwrite host files
CVE-2025-9566
There's a vulnerability in podman where an attacker may use the kube p ...
SUSE-SU-2025:3782-1
Security update for podman
SUSE-SU-2025:03584-1
Security update for podman
SUSE-SU-2025:03534-1
Security update for podman
RLSA-2025:15901
Important: podman security update
RLSA-2025:15900
Important: podman security update
ELSA-2025-15904
ELSA-2025-15904: container-tools:rhel8 security update (IMPORTANT)
ELSA-2025-15901
ELSA-2025-15901: podman security update (IMPORTANT)
ELSA-2025-15900
ELSA-2025-15900: podman security update (IMPORTANT)
BDU:2025-13147
Уязвимость программного средства управления и запуска OCI-контейнеров Podman, связанная с неправильным разрешением ссылки перед доступом к файлу, позволяющая нарушителю вызвать отказ в обслуживании
ROS-20251014-08
Уязвимость podman
RLSA-2025:15904
Important: container-tools:rhel8 security update
ELSA-2025-20983
ELSA-2025-20983: podman security update (IMPORTANT)
ELSA-2025-20909
ELSA-2025-20909: podman security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-wp3j-xq48-xpjw podman kube play symlink traversal vulnerability | CVSS3: 8.1 | 0% Низкий | 4 месяца назад |
 | CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | CVSS3: 8.1 | 0% Низкий | 4 месяца назад |
 | CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | CVSS3: 8.1 | 0% Низкий | 4 месяца назад |
 | CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1 | CVSS3: 8.1 | 0% Низкий | 4 месяца назад |
 | CVE-2025-9566 Podman: podman kube play command may overwrite host files | 0% Низкий | 3 месяца назад | |
| CVE-2025-9566 There's a vulnerability in podman where an attacker may use the kube p ... | CVSS3: 8.1 | 0% Низкий | 4 месяца назад |
 | SUSE-SU-2025:3782-1 Security update for podman | 0% Низкий | около 2 месяцев назад | |
| SUSE-SU-2025:03584-1 Security update for podman | 0% Низкий | 2 месяца назад | |
| SUSE-SU-2025:03534-1 Security update for podman | 0% Низкий | 2 месяца назад | |
 | RLSA-2025:15901 Important: podman security update | 0% Низкий | 3 месяца назад | |
| RLSA-2025:15900 Important: podman security update | 0% Низкий | 2 месяца назад | |
| ELSA-2025-15904 ELSA-2025-15904: container-tools:rhel8 security update (IMPORTANT) | 3 месяца назад | ||
| ELSA-2025-15901 ELSA-2025-15901: podman security update (IMPORTANT) | 3 месяца назад | ||
| ELSA-2025-15900 ELSA-2025-15900: podman security update (IMPORTANT) | 3 месяца назад | ||
 | BDU:2025-13147 Уязвимость программного средства управления и запуска OCI-контейнеров Podman, связанная с неправильным разрешением ссылки перед доступом к файлу, позволяющая нарушителю вызвать отказ в обслуживании | CVSS3: 8.1 | 0% Низкий | 4 месяца назад |
 | ROS-20251014-08 Уязвимость podman | CVSS3: 8.1 | 0% Низкий | 2 месяца назад |
| RLSA-2025:15904 Important: container-tools:rhel8 security update | 21 день назад | ||
| ELSA-2025-20983 ELSA-2025-20983: podman security update (IMPORTANT) | 17 дней назад | ||
| ELSA-2025-20909 ELSA-2025-20909: podman security update (IMPORTANT) | 25 дней назад |
Уязвимостей на страницу