Home/Product/podman project podman
Product

podman project podman

15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-33414
>= 4.8.0 and < 5.8.2
Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in t
7.8HIGH
 CVE-2024-3056
<= 5.2.0
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to shar
7.7HIGH
 CVE-2023-0778
all versions
A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a
6.8MEDIUM
 CVE-2022-4123
all versions
A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal,
3.3LOW
 CVE-2022-4122
all versions
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in
5.3MEDIUM
 CVE-2022-2989
all versions
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosur
7.1HIGH
 CVE-2022-2739
all versions
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version
5.3MEDIUM
 CVE-2022-2738
all versions
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version
7.5HIGH
 CVE-2019-25067
all versions
A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the comp
6.3MEDIUM
 CVE-2022-1227
< 4.0.0
A privilege escalation flaw was found in Podman. This flaw allows an attacker to publish a malicious image to a public registry. O
8.8HIGH
 CVE-2022-27649
< 4.0.3
A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was foun
7.5HIGH
 CVE-2021-4024
>= 3.3.0 and < 3.4.3
A flaw was found in podman. The podman machine function (used to create and manage Podman virtual machine containing a Podman pr
6.5MEDIUM
 CVE-2021-20188
< 1.7.0
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly c
7.0HIGH
 CVE-2021-20199
>= 1.8.0 and < 3.0.0
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This
5.9MEDIUM
 CVE-2020-14370
< 2.0.5
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink
5.3MEDIUM
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin