ALT-PU-2023-1353-2

Package update podman in branch sisyphus

Version4.4.2-alt1

Published2026-02-04

Max severityMEDIUM

Severity:

Closed issues (3)

MEDIUM6.8

Уязвимость программного средства управления и запуска OCI-контейнеров Podman операционных систем Red Hat Enterprise Linux, РедОС и корпоративной платформы Red Hat OpenShift Container Platform, позволяющая нарушителю получить доступ к произвольным файлам в файловой системе хоста

Published: 2023-07-18Modified: 2025-09-24

CVSS 3.xMEDIUM 6.8

CVSS:3.x/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CVSS 2.0MEDIUM 6.6

CVSS:2.0/AV:N/AC:H/Au:S/C:C/I:C/A:N

References

CVE-2023-0778

MEDIUM6.8

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

Published: 2023-03-27Modified: 2025-02-24

CVSS 3.xMEDIUM 6.8

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

References

GHSA-qwqv-rqgf-8qh8

MEDIUM6.8

Podman Time-of-check Time-of-use (TOCTOU) Race Condition

Published: 2023-03-28Modified: 2024-05-21

CVSS 3.xMEDIUM 6.8

CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

References