2 matches found
podman: Podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...
PT-2025-36328
Name of the Vulnerable Software and Affected Versions podman versions 4.0.0 through 5.6.1 Description A vulnerability exists in podman where an attacker can use the kube play command to overwrite host files. This occurs when the kube file contains a Secret or a ConfigMap volume mount, and that...