podman-docker

Direct Vulnerabilities

Known vulnerabilities in the podman-docker package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Cross-site Scripting (XSS)

*
  • H
Cross-site Scripting (XSS)

*
  • H
Improper Control of Dynamically-Identified Variables

*
  • H
NULL Pointer Dereference

*
  • M
Cross-site Scripting (XSS)

*
  • M
Link Following

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Preservation of Permissions

*
  • M
External Control of Assumed-Immutable Web Parameter

*
  • M
Improper Validation of Specified Type of Input

*
  • H
Missing Release of Resource after Effective Lifetime

*
  • H
Improper Certificate Validation

*
  • M
Improper Output Neutralization for Logs

*
  • H
Improper Validation of Specified Quantity in Input

*
  • L
Missing Release of Resource after Effective Lifetime

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • H
Multiple Locks of a Critical Resource

<7:5.8.2-3.el10_2
  • M
HTTP Request Smuggling

*
  • H
Allocation of Resources Without Limits or Throttling

<7:5.8.2-3.el10_2
  • M
Excessive Platform Resource Consumption within a Loop

<7:5.8.2-3.el10_2
  • M
Cross-site Scripting (XSS)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Incorrect Calculation of Buffer Size

<7:5.8.2-1.el10_2
  • H
Incorrect Behavior Order: Authorization Before Parsing and Canonicalization

*
  • H
Improper Validation of Syntactic Correctness of Input

<7:5.8.2-1.el10_2
  • M
CVE-2025-68121

<7:5.6.0-12.el10_1
  • M
Directory Traversal

*
  • M
Resource Exhaustion

*
  • H
Allocation of Resources Without Limits or Throttling

<7:5.6.0-12.el10_1
  • M
Allocation of Resources Without Limits or Throttling

<7:5.6.0-12.el10_1
  • M
Directory Traversal

*
  • M
Server-Side Request Forgery (SSRF)

*
  • M
NULL Pointer Dereference

*
  • M
Server-Side Request Forgery (SSRF)

*
  • H
Excessive Platform Resource Consumption within a Loop

<7:5.6.0-12.el10_1
  • M
Improper Certificate Validation

*
  • H
Reachable Assertion

<7:5.6.0-11.el10_1
  • M
Creation of Immutable Text Using String Concatenation

*
  • M
Allocation of Resources Without Limits or Throttling

<7:5.6.0-8.el10_1
  • H
Link Following

<7:5.6.0-6.el10_1
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Output Neutralization for Logs

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
CVE-2025-4673

*
  • H
Directory Traversal

<7:5.8.0-2.el10
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Race Condition

<7:5.6.0-5.el10_1
  • M
Improper Input Validation

*
  • M
Information Exposure

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Improper Input Validation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • H
Improper Privilege Management

*
  • M
Directory Traversal

*
  • H
Improper Certificate Validation

<6:5.4.0-12.el10_0
  • M
HTTP Request Smuggling

<6:5.4.0-10.el10_0
  • M
Allocation of Resources Without Limits or Throttling

<6:5.4.0-9.el10_0
  • H
Allocation of Resources Without Limits or Throttling

<6:5.4.0-9.el10_0