24 matches found
Astra Linux – Vulnerability in libpod
A flaw was discovered in Podman. The podman machine init command fails to verify the TLS certificate when downloading VM images from an OCI registry. This issue allows for a Man In The Middle attack to occur...
EUVD-2022-5384
Malicious code in bioql PyPI...
EUVD-2022-1821
Malicious code in bioql PyPI...
EUVD-2022-0432
Malicious code in bioql PyPI...
EUVD-2024-2652
Malicious code in bioql PyPI...
AZL-68054 CVE-2025-4953 affecting package podman for versions less than 5.6.1-2
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...
CVE-2025-4953
A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...
PT-2025-38004
Name of the Vulnerable Software and Affected Versions: Podman (affected versions not specified). Description: A flaw exists in Podman where data written to RUN --mount=type=bind mounts during the podman build process is not discarded. This can result in files created within the container appearing in...
CVE-2025-6032
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack...
CVE-2025-6032
Podman vulnerability CVE-2025-6032: the podman machine init flow fails to verify TLS when downloading VM images from an OCI registry, enabling a potential Man-in-the-Middle. Affected component is Podman/libpod; impact is high (confidentiality, integrity, availability). Mitigation references indic...
Alibaba Cloud Linux 3 : 0267: container-tools:rhel8 (ALINUX3-SA-2024:0267)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0267 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-33198: In Go before 1.15.13 and...
Linux Distros Unpatched Vulnerability : CVE-2024-3056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least o...
Linux Distros Unpatched Vulnerability : CVE-2023-0778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while...
CVE-2024-3056
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2020:1650)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1650 advisory. - runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an...
AZL-39612 CVE-2023-0778 affecting package cri-o for versions less than 1.22.3-10
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system...
podman: Remote traffic to rootless containers is seen as originating from localhost
A flaw was found in podman. Rootless containers receive all traffic with a source IP address of 127.0.0.1, including from remote hosts, which impacts containerized applications that trust localhost (127.0.0.1) connections by default and do not require authentication. The highest threat from this...
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. Once this image is downloaded by a potential victim the vulnerability is triggered after a user runs the 'podman top' command. This action gives the attacker access to the host filesystem leading to information disclosure or denial of service.
...
podman: Default inheritable capabilities for linux container should be empty
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby Docker Engine, where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to...