python3-podman vulnerabilities

Known vulnerabilities in the python3-podman package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Directory Traversal	<0:4.9.0-3.module+el8.10.0+90449+0b7c8529
M Information Exposure	<0:4.9.0-3.module+el8.10.0+90449+0b7c8529
H Improper Input Validation	<0:4.9.0-2.module+el8.10.0+90429+ee702c5c
H Directory Traversal	<0:4.9.0-2.module+el8.10.0+90429+ee702c5c
H Link Following	<0:4.9.0-2.module+el8.10.0+90429+ee702c5c
H CVE-2024-34155	<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17
H CVE-2024-34156	<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17
H CVE-2024-34158	<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17
M CVE-2024-24791	<0:4.9.0-2.module+el8.10.0+90412+9b361f34
M CVE-2024-24788	<0:4.9.0-2.module+el8.10.0+90412+9b361f34
M CVE-2024-24784	<0:4.9.0-2.module+el8.10.0+90412+9b361f34
H CVE-2024-37298	<0:4.9.0-2.module+el8.10.0+90384+a78ffc57
H Memory Leak	<0:4.9.0-2.module+el8.10.0+90384+a78ffc57
M CVE-2024-24783	<0:4.9.0-2.module+el8.10.0+90412+9b361f34
H Improper Validation of Integrity Check Value	<0:4.9.0-2.module+el8.10.0+90384+a78ffc57
H CVE-2024-24789	<0:4.9.0-2.module+el8.10.0+90384+a78ffc57
H Information Exposure Through Log Files	<0:4.9.0-2.module+el8.10.0+90384+a78ffc57
H CVE-2023-45290	<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17
M CVE-2024-28176	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M CVE-2024-28180	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
H CVE-2024-24786	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Information Exposure	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Improper Certificate Validation	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M CVE-2021-33198	<0:4.9.0-3.module+el8.10.0+90449+0b7c8529
M Improper Validation of Integrity Check Value	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Improper Check for Unusual or Exceptional Conditions	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Open Redirect	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
H Link Following	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M CVE-2023-39326	<0:4.0.0-2.module+el8.9.0+90165+ead7974e
M Information Exposure	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
H Exposure of Resource to Wrong Sphere	<0:4.0.0-2.module+el8.9.0+90148+6046e3c3
H HTTP Request Smuggling	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
H CVE-2022-41715	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Cross-site Scripting (XSS)	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Cross-site Scripting (XSS)	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M CVE-2023-39321	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Allocation of Resources Without Limits or Throttling	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Resource Exhaustion	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Allocation of Resources Without Limits or Throttling	<0:4.9.0-1.module+el8.10.0+90298+77a9814d
M Arbitrary Code Injection	<0:4.0.0-2.module+el8.9.0+90044+a34bc939
M Interpretation Conflict	<0:4.0.0-2.module+el8.9.0+90086+8f2d6fb1
M Incorrect Authorization	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M Cross-site Scripting (XSS)	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M CVE-2022-41723	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M Arbitrary Code Injection	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M Resource Exhaustion	<0:4.0.0-2.module+el8.9.0+90044+a34bc939
M Resource Exhaustion	<0:4.0.0-2.module+el8.9.0+90044+a34bc939
M Allocation of Resources Without Limits or Throttling	<0:4.0.0-2.module+el8.9.0+90044+a34bc939
M Resource Exhaustion	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M Allocation of Resources Without Limits or Throttling	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M Arbitrary Code Injection	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M CVE-2023-24540	<0:4.6.0-1.module+el8.9.0+90021+ce997450
M Integer Overflow or Wraparound	<0:4.6.0-1.module+el8.9.0+90021+ce997450
H Use of Incorrectly-Resolved Name or Reference	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
H Link Following	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
H Improper Preservation of Permissions	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
M Time-of-check Time-of-use (TOCTOU)	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Allocation of Resources Without Limits or Throttling	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Placement of User into Incorrect Group	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Race Condition	<0:4.2.0-1.module+el8.7.0+20873+328b8baa
L Placement of User into Incorrect Group	<0:4.2.1-1.module+el8.7.0+20877+e0f9ac15
M Incorrect Default Permissions	<0:4.2.0-1.module+el8.7.0+20873+328b8baa
M Access of Resource Using Incompatible Type ('Type Confusion')	<0:4.2.0-1.module+el8.7.0+20873+328b8baa
M CVE-2022-27191	<0:4.0.0-1.module+el8.7.0+20872+81cbf159
M CVE-2022-27664	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M CVE-2022-32189	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
M Allocation of Resources Without Limits or Throttling	<0:4.2.0-1.module+el8.7.0+20873+328b8baa
M Uncontrolled Recursion	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
M CVE-2022-32148	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
M Uncontrolled Recursion	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
M Uncontrolled Recursion	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
M HTTP Request Smuggling	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Uncontrolled Recursion	<0:4.0.0-1.module+el8.8.0+20984+ab6ce66c
M Use of Insufficiently Random Values	<0:4.4.1-1.module+el8.8.0+21045+adcb6a64
H Incorrect Default Permissions	<0:4.0.0-1.module+el8.6.0+20656+53f7e955
H Allocation of Resources Without Limits or Throttling	<0:4.0.0-1.module+el8.6.0+20656+53f7e955
H Improper Privilege Management	<0:4.0.0-1.module+el8.6.0+20656+53f7e955
H Incorrect Default Permissions	<0:4.0.0-1.module+el8.6.0+20656+53f7e955
H Incorrect Default Permissions	<0:4.0.0-1.module+el8.6.0+20656+53f7e955
M Improper Cross-boundary Removal of Sensitive Data	<0:3.2.0-2.module+el8.5.0+20416+d687fed7
M Improper Locking	<0:3.2.0-2.module+el8.5.0+20416+d687fed7

Vulnerability

Vulnerable Version

Directory Traversal

<0:4.9.0-3.module+el8.10.0+90449+0b7c8529

Information Exposure

<0:4.9.0-3.module+el8.10.0+90449+0b7c8529

Improper Input Validation

<0:4.9.0-2.module+el8.10.0+90429+ee702c5c

Directory Traversal

<0:4.9.0-2.module+el8.10.0+90429+ee702c5c

Link Following

<0:4.9.0-2.module+el8.10.0+90429+ee702c5c

CVE-2024-34155

<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17

CVE-2024-34156

<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17

CVE-2024-34158

<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17

CVE-2024-24791

<0:4.9.0-2.module+el8.10.0+90412+9b361f34

CVE-2024-24788

<0:4.9.0-2.module+el8.10.0+90412+9b361f34

CVE-2024-24784

<0:4.9.0-2.module+el8.10.0+90412+9b361f34

CVE-2024-37298

<0:4.9.0-2.module+el8.10.0+90384+a78ffc57

Memory Leak

<0:4.9.0-2.module+el8.10.0+90384+a78ffc57

CVE-2024-24783

<0:4.9.0-2.module+el8.10.0+90412+9b361f34

Improper Validation of Integrity Check Value

<0:4.9.0-2.module+el8.10.0+90384+a78ffc57

CVE-2024-24789

<0:4.9.0-2.module+el8.10.0+90384+a78ffc57

Information Exposure Through Log Files

<0:4.9.0-2.module+el8.10.0+90384+a78ffc57

CVE-2023-45290

<0:4.9.0-2.module+el8.10.0+90416+5b0f6a17

CVE-2024-28176