podman (SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS package podman, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2022-27649 — CVSS 7.5 (high): A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. A vulnerability was found in Moby…
CVE-2021-20206 — CVSS 7.2 (high): An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1. When specifying the plugin to load…
CVE-2022-2989 — CVSS 7.1 (high): An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or…
CVE-2023-0778 — CVSS 6.8 (medium): A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume…
CVE-2021-4024 — CVSS 6.5 (medium): A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process)…
CVE-2021-20199 — CVSS 5.9 (medium): Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts…
CVE-2021-41190 — CVSS 3.0 (low): The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI…