151 matches found
CVE-2026-57231
A flaw was found in Podman, a tool for managing OCI containers and pods. A malicious container image can be crafted with an environment variable that has a key but no value, or an asterisk , to trick Podman. This vulnerability causes Podman to pass host environment variables into the container...
CVE-2026-55686
A flaw was found in Podman. A remote attacker can exploit this vulnerability by running a malicious container image where the WORKDIR working directory path contains a symbolic link symlink. This can lead to the creation of a directory or modification of ownership on the host filesystem,...
Linux Distros Unpatched Vulnerability : CVE-2026-57231
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no val...
CVE-2026-55686
Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...
CVE-2026-55686
Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where the WORKDIR path contains a symlink can create a directory or modify ownership on the host filesystem. Modified ownership is less likely to happen as that requires help from an...
RHEL 9 : podman (RHSA-2026:19173)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:19173 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHEL 10 : podman (RHSA-2026:18289)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:18289 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHCOS 4 : OpenShift Container Platform 4.14.40 (RHSA-2024:8700)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8700 advisory. - buildah: Buildah allows arbitrary directory mount CVE-2024-9675 - Podman: Buildah: CRI-O: symlink traversal vulnerability in the...
RHCOS 4 : OpenShift Container Platform 4.18.25 (RHSA-2025:16729)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16729 advisory. - podman: Build Context Bind Mount CVE-2025-4953 Note that Nessus has not tested for this issue but has instead relied only on the...
RHCOS 4 : OpenShift Container Platform 4.17.35 (RHSA-2025:10295)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:10295 advisory. - podman: podman missing TLS verification CVE-2025-6032 - net/http: Request smuggling due to acceptance of invalid chunked data in...
RHCOS 4 : OpenShift Container Platform 4.16.20 (RHSA-2024:8686)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8686 advisory. - buildah: Buildah allows arbitrary directory mount CVE-2024-9675 - Podman: Buildah: CRI-O: symlink traversal vulnerability in the...
RHCOS 4 : OpenShift Container Platform 4.12.81 (RHSA-2025:17669)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:17669 advisory. - podman: Build Context Bind Mount CVE-2025-4953 Note that Nessus has not tested for this issue but has instead relied only on the...
RHCOS 4 : OpenShift Container Platform 4.13.53 (RHSA-2024:8690)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8690 advisory. - Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library CVE-2024-9341 - buildah: Build...
Security Bulletin: Vulnerabilities in podman affects IBM Netezza Appliance
Summary The podman package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEsCVE-2025-9566, CVE-2025-47907 Vulnerability Details CVEID:CVE-2025-9566 DESCRIPTION: There's a vulnerability in podman where an attacker may use the kube play command to overwrite...
Security Bulletin: Vulnerability in podman affects IBM Netezza Appliance
Summary The podman package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVECVE-2025-47913 Vulnerability Details CVEID:CVE-2025-47913 DESCRIPTION: SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination o...
Linux Distros Unpatched Vulnerability : CVE-2026-33414
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in...
CVE-2026-33414 PowerShell Command Injection in Podman HyperV Machine
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
RHEL 9 : podman (RHSA-2026:5222)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5222 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RHEL 10 : podman (RHSA-2026:5167)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5167 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...
RockyLinux 10 : podman (RLSA-2026:3336)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3336 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: archive/zip: Excessive CPU...