Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:podman:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Podman (ad05c31b-5092-5951-81e5-4c6bc42f669b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-0778 |
vulnerable | 2026-06-08 05:52:32.610200 |
Details available
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
Published: 2023-03-27T00:00:00.000Z
Updated: 2025-02-24T17:25:59.179Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-4123 |
vulnerable | 2026-06-08 05:51:36.803571 |
Details available
A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-22T20:33:21.916Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-4122 |
vulnerable | 2026-06-08 05:51:36.800091 |
Details available
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-22T20:30:06.788Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2989 |
vulnerable | 2026-06-08 05:43:36.849225 |
Details available
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Published: 2022-09-13T13:41:00.000Z
Updated: 2025-06-05T18:15:28.374Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2739 |
vulnerable | 2026-06-08 05:43:36.093171 |
Details available
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
Published: 2022-09-01T20:51:02.000Z
Updated: 2024-08-03T00:46:04.095Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-2738 |
vulnerable | 2026-06-08 05:43:36.090050 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-27649 |
vulnerable | 2026-06-08 05:42:42.764166 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-4024 |
vulnerable | 2026-06-08 05:38:08.102064 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20199 |
vulnerable | 2026-06-08 05:29:08.699404 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-20188 |
vulnerable | 2026-06-08 05:29:08.665194 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14370 |
vulnerable | 2026-06-08 05:19:23.146452 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-25067 |
vulnerable | 2026-06-08 05:13:41.917451 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.