CNNVD-202509-2483 Information

CNNVD ID

CNNVD-202509-2483

Related CVE

CVE-2025-4953

• CNNVD Published: 2025-09-16

Description (Chinese)

Podman是Podman开源的一款用于在Linux系统上开发、管理和运行OCI容器的引擎。 Podman存在安全漏洞，该漏洞源于RUN –mount=type=bind挂载的数据在podman build期间未被丢弃，可能导致容器内创建的文件出现在主机临时构建上下文目录中。

Description (English)

Podman is a Podman open source for the development, management and operation of an engine for OCI containers on Linux. Podman has a security loophole, which stems from the fact that the data mounted by RUN-mount= type=bind were not discarded during the Podman build, which may result in the files created within the container being found in the host ’ s temporary context directory.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Polkadot EVM

Published

2025-09-16

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/CVE-2025-4953 https://bugzilla.redhat.com/show_bug.cgi?id=2367235

Patch

https://podman.io/