container-tools:rhel8/podman vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the container-tools:rhel8/podman package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Directory Traversal	<4:4.9.4-18.module_el8.10.0+3926+f12484f5
M Information Exposure	<4:4.9.4-18.module_el8.10.0+3926+f12484f5
M CVE-2021-33198	<4:4.9.4-18.module_el8.10.0+3926+f12484f5
H Directory Traversal	<4:4.9.4-15.module_el8.10.0+3909+6e1c1eb7
H Improper Input Validation	<4:4.9.4-15.module_el8.10.0+3909+6e1c1eb7
H Link Following	<4:4.9.4-15.module_el8.10.0+3909+6e1c1eb7
H CVE-2024-34158	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
H CVE-2024-34156	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
H CVE-2024-34155	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
M CVE-2024-24791	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
M CVE-2024-24788	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
H Information Exposure Through Log Files	<4:4.9.4-12.module_el8.10.0+3876+e55593a8
H CVE-2024-37298	<4:4.9.4-12.module_el8.10.0+3876+e55593a8
H Improper Validation of Integrity Check Value	<4:4.9.4-12.module_el8.10.0+3876+e55593a8
H CVE-2024-24789	<4:4.9.4-12.module_el8.10.0+3876+e55593a8
M CVE-2024-24784	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
M CVE-2024-24783	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
H Memory Leak	<4:4.9.4-12.module_el8.10.0+3876+e55593a8
H CVE-2023-45290	<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a
M CVE-2024-28176	<4:4.9.4-3.module_el8.10.0+3858+6ad51f9f
M CVE-2024-28180	<4:4.9.4-3.module_el8.10.0+3858+6ad51f9f
M CVE-2024-24786	<4:4.9.4-4.module_el8.10.0+3862+c5a22a8d
H CVE-2022-41715	<4:4.9.4-1.module_el8.10.0+3845+87b84552
H HTTP Request Smuggling	<4:4.9.4-1.module_el8.10.0+3845+87b84552
H Link Following	<4:4.9.4-1.module_el8.10.0+3845+87b84552
H Exposure of Resource to Wrong Sphere	<3:4.6.1-8.module_el8.9.0+3717+81096349
M Cross-site Scripting (XSS)	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Interpretation Conflict	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Arbitrary Code Injection	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Link Following	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Use of Incorrectly-Resolved Name or Reference	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Improper Preservation of Permissions	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Incorrect Authorization	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M CVE-2023-24540	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Arbitrary Code Injection	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Arbitrary Code Injection	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Integer Overflow or Wraparound	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Allocation of Resources Without Limits or Throttling	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Resource Exhaustion	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Allocation of Resources Without Limits or Throttling	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Resource Exhaustion	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M CVE-2022-41723	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
M Resource Exhaustion	<3:4.6.1-4.module_el8.9.0+3643+9234dc3b
L Placement of User into Incorrect Group	<3:4.2.0-4.module_el8.7.0+3344+484dae7b
M Time-of-check Time-of-use (TOCTOU)	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M CVE-2022-32189	<3:4.4.1-8.module_el8.8.0+3568+e8578284
L Placement of User into Incorrect Group	<3:4.2.0-4.module_el8.7.0+3344+484dae7b
M CVE-2022-27664	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M CVE-2022-32148	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Uncontrolled Recursion	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M HTTP Request Smuggling	<3:4.4.1-8.module_el8.8.0+3568+e8578284
H Incorrect Default Permissions	<2:4.0.2-6.module_el8.6.0+2878+e681bc44
H Incorrect Default Permissions	<2:4.0.2-6.module_el8.6.0+2878+e681bc44
H Incorrect Default Permissions	<2:4.0.2-6.module_el8.6.0+2878+e681bc44
H Allocation of Resources Without Limits or Throttling	<2:4.0.2-6.module_el8.6.0+2878+e681bc44
H Improper Privilege Management	<2:4.0.2-6.module_el8.6.0+2878+e681bc44
M Allocation of Resources Without Limits or Throttling	<3:4.4.1-8.module_el8.8.0+3568+e8578284
M Use of Insufficiently Random Values	<3:4.4.1-8.module_el8.8.0+3568+e8578284

Vulnerability

Vulnerable Version

Directory Traversal

<4:4.9.4-18.module_el8.10.0+3926+f12484f5

Information Exposure

<4:4.9.4-18.module_el8.10.0+3926+f12484f5

CVE-2021-33198

<4:4.9.4-18.module_el8.10.0+3926+f12484f5

Directory Traversal

<4:4.9.4-15.module_el8.10.0+3909+6e1c1eb7

Improper Input Validation

<4:4.9.4-15.module_el8.10.0+3909+6e1c1eb7

Link Following

<4:4.9.4-15.module_el8.10.0+3909+6e1c1eb7

CVE-2024-34158

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

CVE-2024-34156

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

CVE-2024-34155

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

CVE-2024-24791

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

CVE-2024-24788

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

Information Exposure Through Log Files

<4:4.9.4-12.module_el8.10.0+3876+e55593a8

CVE-2024-37298

<4:4.9.4-12.module_el8.10.0+3876+e55593a8

Improper Validation of Integrity Check Value

<4:4.9.4-12.module_el8.10.0+3876+e55593a8

CVE-2024-24789

<4:4.9.4-12.module_el8.10.0+3876+e55593a8

CVE-2024-24784

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

CVE-2024-24783

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

Memory Leak

<4:4.9.4-12.module_el8.10.0+3876+e55593a8

CVE-2023-45290

<4:4.9.4-13.module_el8.10.0+3898+7a25cb1a

CVE-2024-28176

<4:4.9.4-3.module_el8.10.0+3858+6ad51f9f

CVE-2024-28180

<4:4.9.4-3.module_el8.10.0+3858+6ad51f9f

CVE-2024-24786

<4:4.9.4-4.module_el8.10.0+3862+c5a22a8d

CVE-2022-41715

<4:4.9.4-1.module_el8.10.0+3845+87b84552

HTTP Request Smuggling

<4:4.9.4-1.module_el8.10.0+3845+87b84552

Link Following

<4:4.9.4-1.module_el8.10.0+3845+87b84552

Exposure of Resource to Wrong Sphere

<3:4.6.1-8.module_el8.9.0+3717+81096349

Cross-site Scripting (XSS)