Known Vulnerabilities for products from Podman Project
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Podman Project".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-0778 json | A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file... | 6.8 - MEDIUM | 2023-03-27 | 2023-04-03 |
| CVE-2022-27649 json | A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was... | 7.5 - HIGH | 2022-04-04 | 2023-11-07 |
| CVE-2022-4123 json | A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path trave... | 3.3 - LOW | 2022-12-08 | 2023-06-27 |
| CVE-2022-4122 json | A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore result... | 5.3 - MEDIUM | 2022-12-08 | 2022-12-12 |
| CVE-2022-2989 json | An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disc... | 7.1 - HIGH | 2022-09-13 | 2023-02-12 |
| CVE-2022-2739 json | The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect ver... | 5.3 - MEDIUM | 2022-09-01 | 2023-07-21 |
| CVE-2022-2738 json | The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect ver... | 7.5 - HIGH | 2022-09-01 | 2023-02-12 |
| CVE-2022-1227 json | A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public regist... | 8.8 - HIGH | 2022-04-29 | 2023-11-07 |
| CVE-2021-20199 json | Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts).... | 5.9 - MEDIUM | 2021-02-02 | 2021-02-26 |
| CVE-2021-20188 json | A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correc... | 7 - HIGH | 2021-02-11 | 2021-02-17 |
| CVE-2021-4024 json | A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podm... | 6.5 - MEDIUM | 2021-12-23 | 2023-11-07 |
| CVE-2020-14370 json | An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Va... | 5.3 - MEDIUM | 2020-09-23 | 2023-11-07 |
| CVE-2019-25067 json | A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the... | 8.8 - HIGH | 2022-06-09 | 2022-06-16 |
Known software with vulnerabilities from Podman Project
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Podman Project | Podman | - |