CVE-2025-9566 (CVSS 8.1)
- EPSS 0.11%
- Published 05.09.2025 19:54:30
- Last modified 23.09.2025 22:15:34
- Source secalert@redhat.com
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.
- Binary-Affected: podman
- Upstream-version-introduced: v4.0.0
- Upstream-version-fixed: v5.6.1
Linked by AI from unstructured data to existing NVD CPEs.
Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor | Product | Default Status | Version | Less than | Status |
---|---|---|---|---|---|
Red Hat | Red Hat Enterprise Linux 10 | affected | 6:5.4.0-13.el10_0 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 8 | affected | 8100020250911075811.afee755d | * | unaffected |
Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | affected | 8060020250919150821.3b538bd8 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | affected | 8060020250919150821.3b538bd8 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | affected | 8060020250919150821.3b538bd8 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | affected | 8080020250919060528.0f77c1b7 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | affected | 8080020250919060528.0f77c1b7 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 9 | affected | 5:5.4.0-13.el9_6 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | affected | 2:4.2.0-6.el9_0.5 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | affected | 2:4.4.1-22.el9_2.4 | * | unaffected |
Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | affected | 4:4.9.4-18.el9_4.3 | * | unaffected |
Red Hat | Red Hat In-Vehicle Operating System 1 | affected | | | |
Red Hat | Red Hat OpenShift Container Platform 4 | affected | | | |
Red Hat | Red Hat OpenShift Container Platform 4 | affected | | | |
Red Hat | Red Hat OpenShift Dev Spaces | affected | | | |
Red Hat | Red Hat OpenShift Dev Spaces | affected | | | |
No CISA KEV entry or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.11% | 0.308 |
Source | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
secalert@redhat.com | 8.1 | 2.8 | 5.2 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H |
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.