Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : container-tools:rhel8 (AXSA:2025-10860:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10860:01 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the MiracleLinux...

8.1CVSS5.6AI score0.01008EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/13 12:0 a.m.5 views

MiracleLinux 9 : podman-5.6.0-6.el9_7 (AXSA:2025-11464:11)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11464:11 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has...

8.1CVSS6.7AI score0.01008EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/12/03 12:0 a.m.6 views

RockyLinux 8 : container-tools:rhel8 (RLSA-2025:15904)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:15904 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the RockyLin...

8.1CVSS5.5AI score0.01008EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.4 views

AlmaLinux 9 : podman (ALSA-2025:20909)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20909 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted t...

8.1CVSS6.7AI score0.01008EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/25 12:0 a.m.5 views

AlmaLinux 10 : podman (ALSA-2025:20983)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:20983 advisory. database/sql: Postgres Scan Race Condition CVE-2025-47907 podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted...

8.1CVSS6.7AI score0.01008EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.4 views

RockyLinux 10 : podman (RLSA-2025:15901)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:15901 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the RockyLinux...

8.1CVSS5.5AI score0.01008EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/09/17 12:0 a.m.7 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:15904)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:15904 advisory. podman: Podman kube play command may overwrite host files CVE-2025-9566 Tenable has extracted the preceding description block directly from the AlmaLinux security...

8.1CVSS5.5AI score0.01008EPSS
Exploits0References3
OSV
OSV
added 2025/09/04 8:1 p.m.3 views

GHSA-WP3J-XQ48-XPJW podman kube play symlink traversal vulnerability

Impact The podman kube play command can overwrite host files when the kube file contains a ConfigMap or Secret volume mount and the volume already contains a symlink to a host file. This allows a malicious container to write to arbitrary files on the host BUT the attacker only controls the target...

8.1CVSS6.7AI score0.01008EPSS
Exploits0References34
RedhatCVE
RedhatCVE
added 2025/09/04 3:53 p.m.5 views

CVE-2025-9566

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

8.1CVSS6.9AI score0.01008EPSS
Exploits0References3
Snyk
Snyk
added 2025/09/04 12:0 a.m.5 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the podman kube play command. An attacker can cause sensitive data corruption and system crashes by supplying a malicious Kubernetes YAML file that results in overwriting critical host files. The attacker only...

8.1CVSS7.9AI score0.01008EPSS
Exploits0References2
Snyk
Snyk
added 2025/09/04 12:0 a.m.2 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the podman kube play command. An attacker can cause sensitive data corruption and system crashes by supplying a malicious Kubernetes YAML file that results in overwriting critical host files. The attacker only...

8.1CVSS7.9AI score0.01008EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.24 views

openSUSE: Security Advisory for podman (SUSE-SU-2023:0326-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.9AI score0.05994EPSS
Exploits3References2
Rows per page
Query Builder