CVE-2025-9566

Aliases:GHSA-wp3j-xq48-xpjwGO-2025-3935

Advisory lineage Upstream: 0 Downstream: 36

Downstream

DEBIAN-CVE-2025-9566 OPENSUSE-SU-2025:15538-1 OPENSUSE-SU-2025:15845-1 OPENSUSE-SU-2026:20072-1 OPENSUSE-SU-2026:20305-1 RHBA-2025:15692

Deferred

Published: 05 Sept 2025, 19:54

Last modified:19 May 2026, 13:28

Vulnerability Summary

Overall Risk (default)

medium

32/100

CVSS Score

8.1 HIGH

v3.1 (cve.org)

EPSS Score

0.09% LOW

0% probability -0.02%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Sept 2025, 19:54

Published

Vulnerability first disclosed

19 May 2026, 13:28

Last Modified

Vulnerability information updated

Description

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file. Binary-Affected: podman Upstream-version-introduced: v4.0.0 Upstream-version-fixed: v5.6.1

CVSS Metrics

v3.1•HIGH•Score: 8.1CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

EPSS Trends

Current EPSS score: 0.09%• Percentile: 25%

Techniques & Countermeasures

CWE-22•Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

Affected Systems

github.com/containers•podman
all
github.com/containers/podman•v2
all
github.com/containers/podman•v3
all
github.com/containers/podman•v4
all | ≤ 4.9.5
github.com/containers/podman•v5
< 5.6.1