CVE-2025-9566 — Path Traversal in Containers Podman V5

CWE-22 — Path Traversal CWE-61 — UNIX Symbolic Link (Symlink) Following9 documents7 sources

Severity

8.1HIGHNVD

EPSS

0.1%

top 83.11%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Podman Project Podman Github.com Containers Podman V5 Github.com Containers Podman V4

Timeline

PublishedSep 5

Latest updateSep 9

Description

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:HExploitability: 2.8 | Impact: 5.2

Affected Packages3 packages

▶Gogithub.com/containers_podman_v5< 5.6.1

▶Gogithub.com/containers_podman_v44.9.5

▶Debianpodman_project/podman< 5.6.1+ds1-2

🔴Vulnerability Details

OSV

podman kube play symlink traversal vulnerability in github.com/containers/podman↗2025-09-08

▶

OSV

CVE-2025-9566: There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a↗2025-09-05

▶

CVEList

Podman: podman kube play command may overwrite host files↗2025-09-05

▶

GHSA

podman kube play symlink traversal vulnerability↗2025-09-04

▶

OSV

podman kube play symlink traversal vulnerability↗2025-09-04

▶

📋Vendor Advisories

Microsoft

Podman: podman kube play command may overwrite host files↗2025-09-09

▶

Red Hat

podman: Podman kube play command may overwrite host files↗2025-09-04

▶

Debian

CVE-2025-9566: libpod - There's a vulnerability in podman where an attacker may use the kube play comman...↗2025

▶