
2622 matches found

OSV
added yesterday, 5 views

GHSA-XJVP-4FHW-GC47 runc: Malicious image with /dev symlink can trigger limited host filesystem integrity violations

Impact: When setting up the container rootfs, setupPtmx and setupDevSymlinks call os.Remove and os.Symlink with a filepath.Join string which allow an image with /dev as a symlink to trick runc into deleting files called ptmx on the host or creating a hardcoded set of symlinks with specific names a...

CVSS 4.8 | AI score 5.7 | EPSS 0.00011
Exploits: 0 | References: 2

RedhatCVE
added yesterday, 5 views

CVE-2026-42573

A flaw was found in Svelte, a web framework. An attacker could exploit a DOM clobbering vulnerability, which allows manipulation of the Document Object Model (DOM) to overwrite internal framework state on elements. This could potentially lead to Cross-Site Scripting (XSS) attacks, enabling the attack...

CVSS 8.1 | AI score 5.8 | EPSS 0.00211
Exploits: 0 | References: 5

OSV
added 6 days ago, 5 views

RHSA-2026:26445 Red Hat Security Advisory: podman security update

Bulletin has no description...

CVSS 7.5 | AI score 7.5 | EPSS 0.0052
Exploits: 0 | References: 11

OSV
added 6 days ago, 5 views

RHSA-2026:26447 Red Hat Security Advisory: podman security update

Bulletin has no description...

CVSS 7.5 | AI score 6.9 | EPSS 0.00449
Exploits: 0 | References: 25

RedHat Linux
added last week, 14 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.5 | AI score 7.8 | EPSS 0.00449
Exploits: 0 | References: 4

RedHat Linux
added last week, 6 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS 7.5 | AI score 8.2 | EPSS 0.0052
Exploits: 0 | References: 2

Positive Technologies
added 2026/06/15 12:0 a.m., 10 views

PT-2026-49604

Name of the Vulnerable Software and Affected Versions: Buildah versions prior to 1.43.2; Buildah versions prior to 1.44; Podman versions prior to 5.8.3. Description: When processing build contexts or add/copy instructions, a malicious server serving a Git repository or a tar archive file can cause fil...

CVSS 6.3 | AI score 5.8
Exploits: 0 | References: 5

OSV
added 2026/06/12 10:7 a.m., 10 views

RHSA-2026:25248 Red Hat Security Advisory: podman security update

Bulletin has no description...

CVSS 7.5 | AI score 7.5 | EPSS 0.00789
Exploits: 4 | References: 48

RedHat Linux
added 2026/06/11 1:40 p.m., 15 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 10 | AI score 7.1 | EPSS 0.00789
Exploits: 4 | References: 7

Rockylinux
added 2026/06/11 12:5 p.m., 13 views

podman security update

An update is available for podman. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The podman tool manages pods, container images, and containers. It is part of...

CVSS 7.5 | AI score 7.3 | EPSS 0.00449
Exploits: 0

OSV
added 2026/06/11 12:5 p.m., 17 views

RLSA-2026:24470 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain...

CVSS 7.5 | AI score 7.3 | EPSS 0.00449
Exploits: 0 | References: 4

Tenable Nessus
added 2026/06/11 12:0 a.m., 9 views

RHEL 9 : podman (RHSA-2026:25248)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25248 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use...

CVSS 10 | AI score 5.7 | EPSS 0.00789
Exploits: 4 | References: 14

OSV
added 2026/06/09 10:8 a.m., 5 views

RHSA-2026:24470 Red Hat Security Advisory: podman security update

Bulletin has no description...

CVSS 7.5 | AI score 7 | EPSS 0.00449
Exploits: 0 | References: 25

OSV
added 2026/06/09 10:8 a.m., 9 views

RHSA-2026:24386 Red Hat Security Advisory: podman security update

Bulletin has no description...

CVSS 7.5 | AI score 7.4 | EPSS 0.0052
Exploits: 0 | References: 11

Tenable Nessus
added 2026/06/09 12:0 a.m., 8 views

Podman 4.8.0 < 5.8.2 PowerShell Command Injection (GHSA-hc8w-h2mf-hp59)

The version of Podman installed on the remote Windows host is prior to 5.8.2. It is, therefore, affected by a command injection vulnerability in the HyperV machine backend. - A command injection vulnerability exists in Podman's HyperV machine backend. The VM image path is inserted into a PowerShe...

CVSS 7.8 | AI score 6 | EPSS 0.0051
Exploits: 0 | References: 2

RedHat Linux
added 2026/06/08 1:35 p.m., 11 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 | AI score 5.6 | EPSS 0.00449
Exploits: 0 | References: 4

RedHat Linux
added 2026/06/08 1:14 p.m., 15 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...

CVSS 7.5 | AI score 7.6 | EPSS 0.0052
Exploits: 0 | References: 2

Tenable Nessus
added 2026/06/08 12:0 a.m., 4 views

RHEL 10 : podman (RHSA-2026:24386)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24386 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

CVSS 7.5 | AI score 5.7 | EPSS 0.0052
Exploits: 0 | References: 4

Tenable Nessus
added 2026/06/08 12:0 a.m., 6 views

RHEL 10 : podman (RHSA-2026:24470)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24470 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use...

CVSS 7.5 | AI score 5.8 | EPSS 0.00449
Exploits: 0 | References: 8

OSV
added 2026/06/08 12:0 a.m., 6 views

ALSA-2026:24470 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain...

CVSS 7.5 | AI score 5.5 | EPSS 0.00449
Exploits: 0 | References: 8