8.1
CVE-2025-9566
- EPSS 1.01%
- Veröffentlicht 05.09.2025 19:54:30
- Zuletzt bearbeitet 02.07.2026 17:16:57
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Podman: podman kube play command may overwrite host files
There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
Collection URLhttps://github.com/containers/podman
≫
Paket
podman
Default Statusunaffected
Version
4.0.0
Version <
5.6.1
Status
affected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
Version
6:5.4.0-13.el10_0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
Version
7:5.6.0-5.el10_1
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 10
Default Statusaffected
Version
7:5.8.0-2.el10
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8
Default Statusaffected
Version
8100020250911075811.afee755d
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
Default Statusaffected
Version
8060020250919150821.3b538bd8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
Default Statusaffected
Version
8060020250919150821.3b538bd8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
Default Statusaffected
Version
8060020250919150821.3b538bd8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Telecommunications Update Service
Default Statusaffected
Version
8080020250919060528.0f77c1b7
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions
Default Statusaffected
Version
8080020250919060528.0f77c1b7
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
5:5.4.0-13.el9_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
6:5.6.0-6.el9_7
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9
Default Statusaffected
Version
6:5.8.0-1.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
Default Statusaffected
Version
2:4.2.0-6.el9_0.5
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
Default Statusaffected
Version
2:4.4.1-22.el9_2.4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Enterprise Linux 9.4 Extended Update Support
Default Statusaffected
Version
4:4.9.4-18.el9_4.3
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.12
Default Statusaffected
Version
0:4.18.0-372.164.1.el8_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.12
Default Statusaffected
Version
0:4.18.0-372.164.1.rt7.325.el8_6
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.12
Default Statusaffected
Version
3:4.2.0-15.rhaos4.12.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.12
Default Statusaffected
Version
412.86.202510291903-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.13
Default Statusaffected
Version
413.92.202510150118-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.14
Default Statusaffected
Version
0:5.14.0-284.138.1.el9_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.14
Default Statusaffected
Version
0:5.14.0-284.138.1.rt14.423.el9_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.14
Default Statusaffected
Version
3:4.4.1-23.rhaos4.14.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.14
Default Statusaffected
Version
414.92.202510211419-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.15
Default Statusaffected
Version
0:5.14.0-284.138.1.el9_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.15
Default Statusaffected
Version
0:5.14.0-284.138.1.rt14.423.el9_2
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.15
Default Statusaffected
Version
3:4.4.1-35.rhaos4.15.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.16
Default Statusaffected
Version
4:2.237.0-2.rhaos4.16.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.16
Default Statusaffected
Version
0:4.16.0-202509111927.p2.gf3d9123.assembly.stream.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.16
Default Statusaffected
Version
4:4.9.4-16.rhaos4.16.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.17
Default Statusaffected
Version
417.94.202510112152-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
4:2.237.0-1.rhaos4.18.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
0:1.31.12-3.rhaos4.18.gitdc59c78.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
0:5.14.0-427.87.1.el9_4
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
0:4.18.0-202509090932.p2.ga4cad44.assembly.stream.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
0:4.18.0-202509011551.p2.g018e43a.assembly.stream.el8
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
5:5.2.2-11.rhaos4.18.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.18
Default Statusaffected
Version
418.94.202510230424-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.19
Default Statusaffected
Version
4:2.237.0-1.rhaos4.19.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.19
Default Statusaffected
Version
0:1.32.8-3.rhaos4.19.git60d4e21.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.19
Default Statusaffected
Version
0:4.19.0-202509070341.p2.gb5229e8.assembly.stream.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.19
Default Statusaffected
Version
5:5.4.0-7.rhaos4.19.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.19
Default Statusaffected
Version
4.19.9.6.202510140714-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.20
Default Statusaffected
Version
5:5.4.0-12.rhaos4.20.el9
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4.20
Default Statusaffected
Version
4.20.9.6.202510220229-0
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat Hardened Images
Default Statusaffected
Version
5.8.2-1.hum1
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Dev Spaces (RHOSDS) 3.24
Default Statusaffected
Version
3.24-1760921292
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Dev Spaces (RHOSDS) 3.24
Default Statusaffected
Version
3.24-1761160160
Version <
*
Status
unaffected
HerstellerRed Hat
≫
Produkt
Red Hat OpenShift Container Platform 4
Default Statusaffected
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.01% | 0.585 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| secalert@redhat.com | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
|
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
https://access.redhat.com/security/cve/CVE-2025-9566
https://bugzilla.redhat.com/show_bug.cgi?id=2393152
https://access.redhat.com/errata/RHSA-2025:15900
https://access.redhat.com/errata/RHSA-2025:15901
https://access.redhat.com/errata/RHSA-2025:15904
https://access.redhat.com/errata/RHSA-2025:16480
https://access.redhat.com/errata/RHSA-2025:16482
https://access.redhat.com/errata/RHSA-2025:16481
https://access.redhat.com/errata/RHSA-2025:16488
https://access.redhat.com/errata/RHSA-2025:16515
https://access.redhat.com/errata/RHSA-2025:16724
https://access.redhat.com/errata/RHSA-2025:17669
https://access.redhat.com/errata/RHSA-2025:18218
https://access.redhat.com/errata/RHSA-2025:18217
https://access.redhat.com/errata/RHSA-2025:19094
https://access.redhat.com/errata/RHSA-2025:18240
https://access.redhat.com/errata/RHSA-2025:19046
https://access.redhat.com/errata/RHSA-2025:19041
https://access.redhat.com/errata/RHSA-2025:19002
https://access.redhat.com/errata/RHSA-2025:20909
https://access.redhat.com/errata/RHSA-2025:20983
https://access.redhat.com/errata/RHSA-2025:19894
https://access.redhat.com/errata/RHBA-2025:16158
https://access.redhat.com/errata/RHBA-2025:15692
https://access.redhat.com/errata/RHBA-2025:15712
https://access.redhat.com/errata/RHEA-2025:4782
https://access.redhat.com/errata/RHBA-2025:16163
https://github.com/containers/podman/commit/43fbde4e665fe6cee6921868f04b7ccd3de5ad89
https://github.com/containers/podman/security/advisories/GHSA-wp3j-xq48-xpjw
https://access.redhat.com/errata/RHSA-2026:8211
https://access.redhat.com/errata/RHSA-2026:18289
https://access.redhat.com/errata/RHSA-2026:18722