EPSS Percentile: 27.5%
Podman is vulnerable to a Time-of-Check Time-of-Use (TOCTOU) race condition. A remote authenticated attacker is able to replace a normal file in a volume with a symlink, which allows access to arbitrary files on the host file system.
bugzilla.redhat.com/show_bug.cgi?id=2168256
github.com/advisories/GHSA-qwqv-rqgf-8qh8
github.com/containers/podman/commit/f17495e141e6cd83bf6875cd3aae661898073cc5
github.com/containers/podman/pull/17528
github.com/containers/podman/pull/17532
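
The description above is a check-then-use race on a path. As an added illustration in Go (not Podman's code and not the change in the linked commit), the example below contrasts a path that is checked with `Lstat` and then reopened against an open with `O_NOFOLLOW` followed by a check on the open descriptor. The function names, the `hook` parameter and the file layout are assumptions made for the example, and it targets Linux.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"os"
	"syscall"
)

// readChecked is the racy pattern: Lstat checks the path, ReadFile resolves it
// again. The hypothetical hook stands in for another process acting in between.
func readChecked(path string, hook func()) ([]byte, error) {
	fi, err := os.Lstat(path) // time of check
	if err != nil || !fi.Mode().IsRegular() {
		return nil, errors.New("not a regular file")
	}
	hook()
	return os.ReadFile(path) // time of use: follows a symlink swapped in above
}

// readNoFollow opens first, refusing a symlink as the last path component (it
// does not cover parent directories), then checks the descriptor it will read.
func readNoFollow(path string, hook func()) ([]byte, error) {
	f, err := os.OpenFile(path, os.O_RDONLY|syscall.O_NOFOLLOW, 0)
	if err != nil {
		return nil, err // ELOOP when path is a symlink
	}
	defer f.Close()
	hook()
	if fi, err := f.Stat(); err != nil || !fi.Mode().IsRegular() {
		return nil, errors.New("not a regular file")
	}
	return io.ReadAll(f)
}

// swapFor returns a hook that replaces path with a symlink to target.
func swapFor(p, t string) func() { return func() { os.Remove(p); os.Symlink(t, p) } }

func main() {
	dir, _ := os.MkdirTemp("", "toctou") // constructed sample layout
	defer os.RemoveAll(dir)
	vol, host := dir+"/data.txt", dir+"/host.txt"
	os.WriteFile(host, []byte("host file"), 0o600)
	os.WriteFile(vol, []byte("volume file"), 0o600)
	racy, _ := readChecked(vol, swapFor(vol, host))
	_, err := readNoFollow(vol, func() {})
	fmt.Printf("racy read: %q, no-follow open: %v\n", racy, err)
}
```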