podman (SUSE:Linux Enterprise Module for Containers 15 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Containers 15 SP1 package podman, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVE-2018-15664 — CVSS 7.5 (high): In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with…
CVE-2019-10152 — CVSS 7.2 (high): A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An…
CVE-2020-1726 — CVSS 5.9 (medium): A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they…
CVE-2019-10214 — CVSS 5.9 (medium): The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in…
CVE-2019-18466 — CVSS 5.5 (medium): An issue was discovered in Podman in libpod before 1.6.0. It resolves a symlink in the host context during a copy operation from the…
CVE-2020-14370 — CVSS 5.3 (medium): An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or…