Directory Traversal

🗓️ 08 Sep 2025 09:04:03Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 1 Views

Podman directory traversal allows writing data to host files via malicious YAML due to path validation missing.

Reporter	Title	Published	Views	Family All 243
IBM Security Bulletins	Security Bulletin: Vulnerabilities in podman affects IBM Netezza Appliance	27 Apr 202613:16	–	ibm
ATTACKERKB	CVE-2025-9566	5 Sep 202519:54	–	attackerkb
Tenable Nessus	AlmaLinux 9 : podman (ALSA-2025:15900)	29 Sep 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : podman (ALSA-2025:15901)	9 Oct 202500:00	–	nessus
Tenable Nessus	AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:15904)	17 Sep 202500:00	–	nessus
Tenable Nessus	AlmaLinux 9 : podman (ALSA-2025:20909)	25 Nov 202500:00	–	nessus
Tenable Nessus	AlmaLinux 10 : podman (ALSA-2025:20983)	25 Nov 202500:00	–	nessus
Tenable Nessus	Fedora 42 : buildah / containers-common / podman (2025-19f7dd07d9)	10 Sep 202500:00	–	nessus
Tenable Nessus	Fedora 43 : buildah / containers-common / podman (2025-b93734b6b8)	10 Sep 202500:00	–	nessus
Tenable Nessus	Fedora 41 : buildah / containers-common / podman (2025-f9e142a4b0)	9 Sep 202500:00	–	nessus

Vulners

Node

podman_project podmanMatch4.5.0-r1go

AND

podman_project podmanMatch4.3.0-r2go

AND

podman_project podmanMatch5.3.2-r1go

AND

podman_project podmanMatch4.1.1-r2go

AND

podman_project podmanMatch1.9.2-r0go

AND

podman_project podmanMatch4.6.1-r0go

AND

podman_project podmanMatch3.1.2-r1go

AND

podman_project podmanMatch3.2.1-r0go

AND

podman_project podmanMatch5.0.3-r1go

AND

podman_project podmanMatch5.5.2-r0go

AND

podman_project podmanMatch4.0.0-r0go

AND

podman_project podmanMatch5.2.5-r1go

AND

podman_project podmanMatch3.3.1-r1go

AND

podman_project podmanMatch4.9.3-r2go

AND

podman_project podmanMatch3.4.4-r0go

AND

podman_project podmanMatch4.5.0-r2go

AND

podman_project podmanMatch3.1.0-r0go

AND

podman_project podmanMatch4.1.1-r3go

AND

podman_project podmanMatch5.3.2-r0go

AND

podman_project podmanMatch4.9.3-r1go

AND

podman_project podmanMatch3.3.0-r0go

AND

podman_project podmanMatch3.4.1-r0go

AND

podman_project podmanMatch4.7.0-r0go

AND

podman_project podmanMatch4.9.0-r0go

AND

podman_project podmanMatch3.2.2-r0go

AND

podman_project podmanMatch4.3.0-r0go

AND

podman_project podmanMatch4.6.2-r0go

AND

podman_project podmanMatch3.2.0-r0go

AND

podman_project podmanMatch5.5.2-r2go

AND

podman_project podmanMatch4.0.2-r0go

AND

podman_project podmanMatch1.8.0-r2go

AND

podman_project podmanMatch4.8.0-r0go

AND

podman_project podmanMatch4.2.0-r0go

AND

podman_project podmanMatch4.9.4-r0go

AND

podman_project podmanMatch1.9.3-r0go

AND

podman_project podmanMatch4.0.3-r0go

AND

podman_project podmanMatch4.3.1-r0go

AND

podman_project podmanMatch1.9.0-r0go

AND

podman_project podmanMatch4.5.0-r0go

AND

podman_project podmanMatch5.5.2-r1go

AND

podman_project podmanMatch5.2.1-r0go

AND

podman_project podmanMatch4.1.0-r0go

AND

podman_project podmanMatch4.4.1-r0go

AND

podman_project podmanMatch1.9.1-r1go

AND

podman_project podmanMatch4.2.1-r0go

AND

podman_project podmanMatch5.0.3-r2go

AND

podman_project podmanMatch5.2.2-r0go

AND

podman_project podmanMatch1.8.1-r0go

AND

podman_project podmanMatch4.7.2-r0go

AND

podman_project podmanMatch5.2.5-r2go

AND

podman_project podmanMatch1.8.2-r0go

AND

podman_project podmanMatch4.4.4-r2go

AND

podman_project podmanMatch4.3.1-r2go

AND

podman_project podmanMatch4.7.1-r0go

AND

podman_project podmanMatch3.1.1-r0go

AND

podman_project podmanMatch3.0.1-r0go

AND

podman_project podmanMatch4.0.1-r0go

AND

podman_project podmanMatch4.8.1-r0go

AND

podman_project podmanMatch4.9.3-r0go

AND

podman_project podmanMatch3.3.1-r0go

AND

podman_project podmanMatch4.3.0-r1go

AND

podman_project podmanMatch4.3.1-r1go

AND

podman_project podmanMatch3.4.2-r0go

AND

podman_project podmanMatch5.5.0-r0go

AND

podman_project podmanMatch4.1.1-r1go

AND

podman_project podmanMatch4.0.2-r1go

AND

podman_project podmanMatch4.1.1-r0go

AND

podman_project podmanMatch5.5.1-r0go

AND

podman_project podmanMatch5.2.4-r0go

AND

podman_project podmanMatch4.5.1-r3go

AND

podman_project podmanMatch4.5.1-r1go

AND

podman_project podmanMatch4.4.2-r0go

AND

podman_project podmanMatch4.1.0-r1go

AND

podman_project podmanMatch3.4.0-r0go

AND

podman_project podmanMatch4.6.2-r1go

AND

podman_project podmanMatch4.6.0-r0go

AND

podman_project podmanMatch3.4.4-r1go

AND

podman_project podmanMatch4.4.1-r1go

AND

podman_project podmanMatch3.2.3-r0go

AND

podman_project podmanMatch4.9.4-r1go

AND

podman_project podmanMatch5.6.0-r0go

AND

podman_project podmanMatch4.5.1-r0go

AND

podman_project podmanMatch4.7.1-r1go

AND

podman_project podmanMatch5.3.2-r2go

AND

podman_project podmanMatch4.6.0-r1go

AND

podman_project podmanMatch3.1.2-r0go

AND

podman_project podmanMatch4.4.0-r2go

AND

podman_project podmanMatch4.5.1-r2go

AND

podman_project podmanMatch4.2.1-r1go

AND

podman_project podmanMatch5.0.3-r0go

AND

podman_project podmanMatch4.2.1-r2go

AND

podman_project podmanMatch4.4.4-r0go

AND

podman_project podmanMatch5.3.2-r3go

AND

alpinelinux alpine_linuxMatchedge

podman_project podmanMatch5.5.2-r1go

AND

podman_project podmanMatch5.5.1-r0go

AND

podman_project podmanMatch5.5.0-r0go

AND

podman_project podmanMatch5.5.2-r0go

AND

alpinelinux alpine_linuxMatch3.22

bitnami github.com/containers/podmanRangev2.0.0-rc6–2.0.0-rc6go

bitnami github.com/containers/podmanRangev5.0.0-rc1–5.0.0-rc1go

podman_project github.com/containers/podman/v4Range4.0.3–4.9.5go

podman_project github.com/containers/podman/v5Range5.0.1–5.5.2go

Source	Link
access	www.access.redhat.com/security/cve/CVE-2025-9566
access	www.access.redhat.com/errata/RHSA-2025:16488
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2025:16481
access	www.access.redhat.com/errata/RHSA-2025:15901
access	www.access.redhat.com/errata/RHSA-2025:16480
github	www.github.com/containers/podman/commit/ca994186f07822b9048fe711b6903e51614d3e15
access	www.access.redhat.com/errata/RHSA-2025:16482
access	www.access.redhat.com/errata/RHSA-2025:16515
access	www.access.redhat.com/errata/RHSA-2025:15900

03 Jun 2026 09:43Current

7.1High risk

Vulners AI Score7.1

CVSS 3.18.1

EPSS0.00086

SSVC