Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Docker: Race condition in docker cp allows bind mount redirection to host path

Summary A race condition during docker cp mount setup allows a malicious container to redirect a bind mount target to an arbitrary host path, potentially overwriting host files or causing denial of service. Details When copying files into a container, the daemon sets up a temporary filesystem vie...

PT-2026-35073

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions 0.4.0 through 0.7.x Description A flaw in the Java agent injection path allows a local attacker controlling a Java workload to overwrite arbitrary host files when Java injection is enabled and the...

PT-2026-27237

OpenClaw before 2026.3.2 contains a symlink traversal vulnerability in stageSandboxMedia that allows attackers to overwrite files outside the sandbox workspace. Attackers can exploit unvalidated destination paths in media/inbound writes to follow symlinks and overwrite host files beyond intended...

CVE-2026-1386

A flaw was found in the Firecracker jailer component. A local user with write access to pre-created jailer directories could exploit a symbolic link symlink following issue. This vulnerability allows the attacker to overwrite arbitrary host files during the jailer's startup initialization process...

MiracleLinux 8 : container-tools:rhel8 (AXSA:2025-10860:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10860:01 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the MiracleLinux...

Oracle Linux 9 : podman (ELSA-2025-20909)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20909 advisory. - fixes 'CVE-2025-9566 podman: Podman kube play command may overwrite host files rhel-9.7' Tenable has extracted the preceding description block...

container-tools:rhel8 security update

An update is available for module.crun, fuse-overlayfs, module.slirp4netns, python-podman, module.runc, container-selinux, module.podman, module.udica, module.aardvark-dns, module.fuse-overlayfs, cockpit-podman, aardvark-dns, module.conmon, containers-common, libslirp, criu,...

AlmaLinux 10 : podman (ALSA-2025:20983)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20983 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted...

AlmaLinux 9 : podman (ALSA-2025:20909)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20909 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted t...

ALSA-2025:20983 Important: podman security update

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes. Security Fixes: database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play comman...

Security update for podman

This update for podman fixes the following issues: CVE-2025-9566: Fixed kube play command overwriting host files bsc1249154 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command...

SUSE-SU-2025:03584-1 Security update for podman

This update for podman fixes the following issues: - CVE-2025-9566: fixed an issue in kube play command that could cause overwriting host files bsc1249154...

RHEL 9 : podman (RHSA-2025:16481)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16481 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

RHEL 9 : podman (RHSA-2025:15900)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:15900 advisory. The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods...

CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

AZL-67046 CVE-2025-9566 affecting package podman 4.1.1-26

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVE-2020-3476

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. The vulnerability is due to insufficient validation of the parameters of a specific CLI command. A...

podman: resolving symlink in host filesystem leads to unexpected results of copy operation

It was discovered that podman resolves a symlink in the host context during a copy operation from the container to the host. An attacker could create a container image containing particular symlinks that, when copied by a victim user to the host filesystem, may overwrite existing files with other...