
19 matches found

Veracode
added 2025/11/04 9:47 a.m. | 4 views

Information Disclosure

github.com/containers/podman is vulnerable to information disclosure. The vulnerability is due to data written to RUN --mount=type=bind mounts during the Podman build not being discarded, which allows an attacker to access files created within the container from the host system’s temporary build...

CVSS 7.4 | AI score 6.3 | EPSS 0.00045
Exploits 0 | References 17 | Affected Software 2

OSV
added 2025/10/16 3:11 p.m. | 0 views

USN-7822-1 dotnet8, dotnet9, dotnet10 vulnerabilities

It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-55247) It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker...

CVSS 9.9 | AI score 7.2 | EPSS 0.01681
Exploits 5 | References 4

RedHat Linux
added 2025/10/16 11:3 a.m. | 2 views

podman: Build Context Bind Mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

CVSS 7.4 | AI score 5.8 | EPSS 0.00045
Exploits 0 | References 5

Github Security Blog
added 2025/09/16 3:32 p.m. | 9 views

Podman Creates Temporary File with Insecure Permissions

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

CVSS 7.4 | AI score 6.5 | EPSS 0.00045
Exploits 0 | References 18 | Affected Software 1

Cvelist
added 2025/09/16 2:54 p.m. | 5 views

CVE-2025-4953 Podman: build context bind mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

CVSS 7.4 | EPSS 0.00045
Exploits 0 | References 16

CVE
added 2025/09/16 2:54 p.m. | 25 views

CVE-2025-4953

CVE-2025-4953 affects Podman builds using RUN --mount=type=bind; data written during build may persist and appear in the host build context, exposing created files. The issue is specific to Podman/bind-mount behavior. Remediation: upgrade Podman to a version where the fix is applied (e.g., Podma...

CVSS 7.4 | AI score 6.1 | EPSS 0.00045
Exploits 0 | References 16

CNNVD
added 2025/09/16 12:0 a.m. | 1 views

Podman security vulnerability

Podman is an open source engine for developing, managing and running OCI containers on Linux systems. A security vulnerability exists in Podman that stems from data written to RUN --mount=type=bind mounts not being discarded during a podman build, which could result in files created within the...

CVSS 7.4 | AI score 6.4 | EPSS 0.00045
Exploits 0 | References 2

Tenable Nessus
added 2025/08/18 12:0 a.m. | 8 views

Linux Distros Unpatched Vulnerability : CVE-2025-52991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users...

CVSS 3.2 | AI score 5.4 | EPSS 0.00082
Exploits 0 | References 3

AlpineLinux
added 2025/06/27 2:15 p.m. | 2 views

CVE-2025-52991

The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data...

CVSS 3.2 | AI score 7.2 | EPSS 0.00082
Exploits 0 | References 6

CNNVD
added 2025/06/27 12:0 a.m. | 3 views

Nix, lix and GNU Guix security vulnerability

GNU Guix is a product of the U.S. GNU community. GNU Guix is an open source, cross-platform package manager. Lix is a product of the Lix open source project. Lix is a package manager. Nix is a product of the Nix open source project. Nix is a powerful package...

CVSS 3.2 | AI score 6.3 | EPSS 0.00082
Exploits 0 | References 6

SUSE CVE
added 2025/06/24 11:21 p.m. | 1 views

SUSE CVE-2025-52991

The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data...

CVSS 3.2 | AI score 6.9 | EPSS 0.00082
Exploits 0 | References 3

RedHat Linux
added 2024/11/06 2:57 p.m. | 1 views

podman: Build Context Bind Mount

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files...

CVSS 7.4 | AI score 5.8 | EPSS 0.00045
Exploits 0 | References 5

OSV
added 2014/11/24 3:59 p.m. | 0 views

UBUNTU-CVE-2014-8991

pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build- file for another user...

CVSS 2.1 | AI score 7.3 | EPSS 0.00072
Exploits 0 | References 3

PyPA
added 2014/11/24 3:59 p.m. | 3 views

PYSEC-2014-11

pip 1.3 through 1.5.6 allows local users to cause a denial of service (prevention of package installation) by creating a /tmp/pip-build- file for another user...

CVSS 2.1 | AI score 6.4 | EPSS 0.00072
Exploits 0 | References 6 | Affected Software 1

Tenable Nessus
added 2005/12/20 12:0 a.m. | 32 views

GLSA-200512-07 : OpenLDAP, Gauche: RUNPATH issues

The remote host is affected by the vulnerability described in GLSA-200512-07 (OpenLDAP, Gauche: RUNPATH issues). Gentoo packaging for OpenLDAP and Gauche may introduce insecure paths into the list of directories that are searched for libraries at runtime. Impact: A local attacker, who is a member o...

CVSS 7.2 | AI score 5.5 | EPSS 0.00085
Exploits 0 | References 3

NVD
added 2005/11/16 7:42 a.m. | 14 views

CVE-2005-3582

ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...

CVSS 7.2 | AI score 6.1 | EPSS 0.00055
Exploits 0 | References 5

Debian CVE
added 2005/11/16 7:37 a.m. | 21 views

CVE-2005-3580

QDBM before 1.8.33-r2 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...

CVSS 7.2 | AI score 6 | EPSS 0.00055
Exploits 0

Cvelist
added 2005/11/16 7:37 a.m. | 17 views

CVE-2005-3582

ImageMagick before 6.2.4.2-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...

AI score 6 | EPSS 0.00055
Exploits 0 | References 5

Debian CVE
added 2005/11/16 7:37 a.m. | 18 views

CVE-2005-3581

GDAL before 1.3.0-r1 allows local users in the portage group to increase privileges via a shared object in the Portage temporary build directory, which is added to the search path allowing objects in it to be loaded at runtime...

CVSS 7.2 | AI score 6 | EPSS 0.00055
Exploits 0