VYPR
High severity8.3OSV Advisory· Published Jun 24, 2025· Updated Apr 15, 2026

CVE-2025-6032

CVE-2025-6032

Description

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
github.com/containers/podman/v4Go
>= 4.8.0, <= 4.9.5
github.com/containers/podman/v5Go
< 5.5.25.5.2

Affected products

76

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.