VYPR

rpm package

suse/podman&distro=SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS

pkg:rpm/suse/podman&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS

Vulnerabilities (10)

  • CVE-2025-47913Nov 13, 2025
    affected < 4.9.5-150500.3.59.1fixed 4.9.5-150500.3.59.1

    SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.

  • CVE-2025-52881Nov 6, 2025
    affected < 4.9.5-150500.3.56.2fixed 4.9.5-150500.3.56.2

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7, 1.3.2 and 1.4.0-rc.2, an attacker can trick runc into misdirecting writes to /proc to other procfs files through the use of a racing container with shared mounts (we have

  • CVE-2025-52565Nov 6, 2025
    affected < 4.9.5-150500.3.56.2fixed 4.9.5-150500.3.56.2

    runc is a CLI tool for spawning and running containers according to the OCI specification. Versions 1.0.0-rc3 through 1.2.7, 1.3.0-rc.1 through 1.3.2, and 1.4.0-rc.1 through 1.4.0-rc.2, due to insufficient checks when bind-mounting `/dev/pts/$n` to `/dev/console` inside the conta

  • CVE-2025-31133Nov 6, 2025
    affected < 4.9.5-150500.3.56.2fixed 4.9.5-150500.3.56.2

    runc is a CLI tool for spawning and running containers according to the OCI specification. In versions 1.2.7 and below, 1.3.0-rc.1 through 1.3.1, 1.4.0-rc.1 and 1.4.0-rc.2 files, runc would not perform sufficient verification that the source of the bind-mount (i.e., the container

  • CVE-2025-9566HigSep 5, 2025
    affected < 4.9.5-150500.3.49.1fixed 4.9.5-150500.3.49.1

    There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only

  • CVE-2025-6032HigJun 24, 2025
    affected < 4.9.5-150500.3.46.1fixed 4.9.5-150500.3.46.1

    A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

  • CVE-2025-22869Feb 26, 2025
    affected < 4.9.5-150500.3.43.2fixed 4.9.5-150500.3.43.2

    SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted.

  • CVE-2025-27144MedFeb 24, 2025
    affected < 4.9.5-150500.3.43.2fixed 4.9.5-150500.3.43.2

    Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. In versions on the 4.x branch prior to version 4.0.5, when par

  • CVE-2024-11218HigJan 22, 2025
    affected < 4.9.5-150500.3.31.1fixed 4.9.5-150500.3.31.1

    A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and d

  • CVE-2024-6104Jun 24, 2024
    affected < 4.9.5-150500.3.43.2fixed 4.9.5-150500.3.43.2

    go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.