12 matches found
SUSE CVE-2026-33414
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
CVE-2026-33414
A flaw was found in Podman, a tool for managing containers. This vulnerability, located in the HyperV machine backend, allows for command injection. An attacker who can manipulate the virtual machine VM image path can inject and execute arbitrary PowerShell commands. This could lead to unauthoriz...
DEBIAN-CVE-2026-33414
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
CVE-2026-33414
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
CVE-2026-33414 PowerShell Command Injection in Podman HyperV Machine
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
CVE-2026-33414
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
CVE-2026-33414
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
CVE-2026-33414
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the Resize-VHD PowerShell command construction process. An attacker can execute arbitrary PowerShell commands with the privileges of the affected process by supplying a crafted VM image path containing malicious...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the Resize-VHD PowerShell command construction process. An attacker can execute arbitrary PowerShell commands with the privileges of the affected process by supplying a crafted VM image path containing malicious...
Podman 操作系统命令注入漏洞
Podman is an open-source engine developed by Podman for developing, managing, and running OCI containers on Linux systems. Versions of Podman 4.8.0 to 5.8.1 contain a vulnerability related to operating system command injection. This vulnerability stems from command injection issues in the HyperV...
PT-2026-32953
Name of the Vulnerable Software and Affected Versions Podman versions 4.8.0 through 5.8.1 Description A command injection issue exists in the HyperV machine backend within the file pkg/machine/hyperv/stubber.go. The VM image path is inserted into a PowerShell double-quoted string without...