Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:podman:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductPodman (ad05c31b-5092-5951-81e5-4c6bc42f669b)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-0778 vulnerable 2026-06-08 05:52:32.610200 Details available
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
Published: 2023-03-27T00:00:00.000Z
Updated: 2025-02-24T17:25:59.179Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-4123 vulnerable 2026-06-08 05:51:36.803571 Details available
A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-22T20:33:21.916Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-4122 vulnerable 2026-06-08 05:51:36.800091 Details available
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.
Published: 2022-12-08T00:00:00.000Z
Updated: 2025-04-22T20:30:06.788Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2989 vulnerable 2026-06-08 05:43:36.849225 Details available
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Published: 2022-09-13T13:41:00.000Z
Updated: 2025-06-05T18:15:28.374Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2739 vulnerable 2026-06-08 05:43:36.093171 Details available
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
Published: 2022-09-01T20:51:02.000Z
Updated: 2024-08-03T00:46:04.095Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-2738 vulnerable 2026-06-08 05:43:36.090050 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-27649 vulnerable 2026-06-08 05:42:42.764166 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-4024 vulnerable 2026-06-08 05:38:08.102064 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20199 vulnerable 2026-06-08 05:29:08.699404 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20188 vulnerable 2026-06-08 05:29:08.665194 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-14370 vulnerable 2026-06-08 05:19:23.146452 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2019-25067 vulnerable 2026-06-08 05:13:41.917451 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.