[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2025-9566":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":44,"downstream":45,"duplicates":118,"related":119,"reserved_at":9,"published_at":142,"modified_at":143,"state":144,"summary":145,"references_raw":154,"kevs":301,"epss":302,"epss_history":305,"metrics":573,"affected":583},"CVE-2025-9566","There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file container a Secrete or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the target file to be overwritten but not the content to be written into the file.\n\nBinary-Affected: podman\nUpstream-version-introduced: v4.0.0\nUpstream-version-fixed: v5.6.1",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-126","Path Traversal",[],{"id":25,"name":26,"techniques":27},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":29,"name":30,"techniques":31},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":33,"name":34,"techniques":35},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":37,"name":38,"techniques":39},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[42,43],"GHSA-wp3j-xq48-xpjw","GO-2025-3935",[],[46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116],{"_key":47},"SUSE-SU-2025:03534-1",{"_key":49},"SUSE-SU-2025:03584-1",{"_key":51},"SUSE-SU-2025:03289-1",{"_key":53},"SUSE-SU-2025:3782-1",{"_key":55},"SUSE-SU-2025:20869-1",{"_key":57},"SUSE-SU-2025:20899-1",{"_key":59},"SUSE-SU-2026:20103-1",{"_key":61},"SUSE-SU-2026:20116-1",{"_key":63},"SUSE-SU-2026:20626-1",{"_key":65},"SUSE-SU-2026:20641-1",{"_key":67},"OPENSUSE-SU-2025:15538-1",{"_key":69},"OPENSUSE-SU-2025:15845-1",{"_key":71},"OPENSUSE-SU-2026:20072-1",{"_key":73},"OPENSUSE-SU-2026:20305-1",{"_key":75},"DEBIAN-CVE-2025-9566",{"_key":77},"RHBA-2025:15692",{"_key":79},"RHBA-2025:15712",{"_key":81},"RHBA-2025:16158",{"_key":83},"RHBA-2025:16163",{"_key":85},"RHEA-2025:4782",{"_key":87},"RHSA-2025:15900",{"_key":89},"RHSA-2025:15901",{"_key":91},"RHSA-2025:15904",{"_key":93},"RHSA-2025:16480",{"_key":95},"RHSA-2025:16481",{"_key":97},"RHSA-2025:16482",{"_key":99},"RHSA-2025:16488",{"_key":101},"RHSA-2025:16515",{"_key":103},"RHSA-2025:16724",{"_key":105},"RHSA-2025:17669",{"_key":107},"RHSA-2026:18289",{"_key":109},"RHSA-2026:18722",{"_key":111},"RHSA-2026:8211",{"_key":113},"UBUNTU-CVE-2025-9566",{"_key":115},"RHSA-2025:20909",{"_key":117},"RHSA-2025:20983",[],[120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,136,138,140],{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":135},"CGA-3HMX-W652-9M74",{"_key":137},"CGA-4GH3-F9GJ-7298",{"_key":139},"CGA-WHMF-2F99-945Q",{"_key":141},"CGA-9R3W-8R8P-GQ99","2025-09-05T19:54:30.503Z","2026-05-19T13:28:41.608Z","Deferred",{"cisa_kev":146,"cisa_ransomware":146,"cisa_vendor":9,"epss_severity":147,"epss_score":148,"severity":149,"severity_score":150,"severity_version":151,"severity_source":152,"severity_vector":153,"severity_status":144},false,"low",0.00086,"high",8.1,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",[155,164,168,172,176,180,184,188,192,196,200,204,208,212,216,220,224,228,232,237,242,247,251,256,261,265,269,273,277,281,285,289,293,297],{"url":156,"sources":157,"tags":160},"https://access.redhat.com/errata/RHSA-2025:15900",[152,158,159],"nvd","osv_go",[161,162,163],"Vendor Advisory","X Refsource REDHAT","WEB",{"url":165,"sources":166,"tags":167},"https://access.redhat.com/errata/RHSA-2025:15901",[152,158,159],[161,162,163],{"url":169,"sources":170,"tags":171},"https://access.redhat.com/errata/RHSA-2025:15904",[152,158,159],[161,162,163],{"url":173,"sources":174,"tags":175},"https://access.redhat.com/errata/RHSA-2025:16480",[152,158,159],[161,162,163],{"url":177,"sources":178,"tags":179},"https://access.redhat.com/errata/RHSA-2025:16481",[152,158,159],[161,162,163],{"url":181,"sources":182,"tags":183},"https://access.redhat.com/errata/RHSA-2025:16482",[152,158,159],[161,162,163],{"url":185,"sources":186,"tags":187},"https://access.redhat.com/errata/RHSA-2025:16488",[152,158,159],[161,162,163],{"url":189,"sources":190,"tags":191},"https://access.redhat.com/errata/RHSA-2025:16515",[152,158,159],[161,162,163],{"url":193,"sources":194,"tags":195},"https://access.redhat.com/errata/RHSA-2025:18217",[152,158,159],[161,162,163],{"url":197,"sources":198,"tags":199},"https://access.redhat.com/errata/RHSA-2025:18218",[152,158,159],[161,162,163],{"url":201,"sources":202,"tags":203},"https://access.redhat.com/errata/RHSA-2025:18240",[152,158,159],[161,162,163],{"url":205,"sources":206,"tags":207},"https://access.redhat.com/errata/RHSA-2025:19002",[152,158,159],[161,162,163],{"url":209,"sources":210,"tags":211},"https://access.redhat.com/errata/RHSA-2025:19041",[152,158,159],[161,162,163],{"url":213,"sources":214,"tags":215},"https://access.redhat.com/errata/RHSA-2025:19046",[152,158,159],[161,162,163],{"url":217,"sources":218,"tags":219},"https://access.redhat.com/errata/RHSA-2025:19094",[152,158,159],[161,162,163],{"url":221,"sources":222,"tags":223},"https://access.redhat.com/errata/RHSA-2025:19894",[152,158,159],[161,162,163],{"url":225,"sources":226,"tags":227},"https://access.redhat.com/errata/RHSA-2025:20909",[152,158,159],[161,162,163],{"url":229,"sources":230,"tags":231},"https://access.redhat.com/errata/RHSA-2025:20983",[152,158,159],[161,162,163],{"url":233,"sources":234,"tags":235},"https://access.redhat.com/security/cve/CVE-2025-9566",[152,158,159],[236,162,163],"VDB Entry",{"url":238,"sources":239,"tags":240},"https://bugzilla.redhat.com/show_bug.cgi?id=2393152",[152,158,159],[241,162,163],"Issue Tracking",{"url":243,"sources":244,"tags":245},"https://github.com/containers/podman/security/advisories/GHSA-wp3j-xq48-xpjw",[159,152,158],[163,246],"Advisory",{"url":248,"sources":249,"tags":250},"https://nvd.nist.gov/vuln/detail/CVE-2025-9566",[159],[246],{"url":252,"sources":253,"tags":254},"https://github.com/containers/podman/commit/43fbde4e665fe6cee6921868f04b7ccd3de5ad89",[159,152,158],[163,255],"FIX",{"url":257,"sources":258,"tags":259},"https://github.com/containers/podman",[159],[260],"PACKAGE",{"url":262,"sources":263,"tags":264},"https://access.redhat.com/errata/RHBA-2025:16158",[152,158,159],[161,162,163],{"url":266,"sources":267,"tags":268},"https://access.redhat.com/errata/RHSA-2025:16724",[152,158,159],[161,162,163],{"url":270,"sources":271,"tags":272},"https://access.redhat.com/errata/RHBA-2025:15692",[152,158,159],[161,162,163],{"url":274,"sources":275,"tags":276},"https://access.redhat.com/errata/RHBA-2025:15712",[152,158,159],[161,162,163],{"url":278,"sources":279,"tags":280},"https://access.redhat.com/errata/RHEA-2025:4782",[152,158,159],[161,162,163],{"url":282,"sources":283,"tags":284},"https://access.redhat.com/errata/RHSA-2025:17669",[152,158,159],[161,162,163],{"url":286,"sources":287,"tags":288},"https://access.redhat.com/errata/RHBA-2025:16163",[152,158,159],[161,162,163],{"url":290,"sources":291,"tags":292},"https://access.redhat.com/errata/RHSA-2026:8211",[152,158,159],[161,162,163],{"url":294,"sources":295,"tags":296},"https://access.redhat.com/errata/RHSA-2026:18289",[152,158,159],[161,162,163],{"url":298,"sources":299,"tags":300},"https://access.redhat.com/errata/RHSA-2026:18722",[152,158,159],[161,162,163],[],{"date":303,"score":148,"percentile":304},"2026-06-05",0.24957,[306,310,313,316,318,321,324,327,330,334,337,340,343,346,349,352,355,358,361,364,367,370,373,376,379,382,385,388,391,394,397,400,402,404,407,410,413,416,419,422,425,427,430,433,436,439,442,445,448,451,454,457,460,463,465,468,471,474,477,480,483,486,489,493,496,499,502,505,508,511,514,517,519,522,525,527,530,533,536,539,542,545,548,551,554,557,560,563,566,570],{"date":307,"score":308,"percentile":309},"2025-11-04",0.00095,0.27136,{"date":311,"score":308,"percentile":312},"2025-11-05",0.27124,{"date":314,"score":308,"percentile":315},"2025-11-06",0.27134,{"date":317,"score":308,"percentile":315},"2025-11-07",{"date":319,"score":308,"percentile":320},"2025-11-08",0.27128,{"date":322,"score":308,"percentile":323},"2025-11-09",0.27085,{"date":325,"score":308,"percentile":326},"2025-11-10",0.27051,{"date":328,"score":308,"percentile":329},"2025-11-11",0.27076,{"date":331,"score":332,"percentile":333},"2025-11-12",0.0011,0.30058,{"date":335,"score":332,"percentile":336},"2025-11-13",0.30074,{"date":338,"score":332,"percentile":339},"2025-11-14",0.30072,{"date":341,"score":332,"percentile":342},"2025-11-15",0.30067,{"date":344,"score":332,"percentile":345},"2025-11-16",0.3004,{"date":347,"score":332,"percentile":348},"2025-11-17",0.3002,{"date":350,"score":332,"percentile":351},"2025-11-18",0.25034,{"date":353,"score":332,"percentile":354},"2025-11-19",0.25059,{"date":356,"score":332,"percentile":357},"2025-11-20",0.25068,{"date":359,"score":332,"percentile":360},"2025-11-21",0.30059,{"date":362,"score":332,"percentile":363},"2025-11-22",0.30066,{"date":365,"score":332,"percentile":366},"2025-11-23",0.30032,{"date":368,"score":332,"percentile":369},"2025-11-24",0.30009,{"date":371,"score":332,"percentile":372},"2025-11-25",0.30003,{"date":374,"score":332,"percentile":375},"2025-11-26",0.30001,{"date":377,"score":332,"percentile":378},"2025-11-27",0.30014,{"date":380,"score":332,"percentile":381},"2025-11-28",0.29991,{"date":383,"score":332,"percentile":384},"2025-11-29",0.29981,{"date":386,"score":332,"percentile":387},"2025-11-30",0.29958,{"date":389,"score":332,"percentile":390},"2025-12-01",0.30026,{"date":392,"score":332,"percentile":393},"2025-12-02",0.30055,{"date":395,"score":332,"percentile":396},"2025-12-03",0.30061,{"date":398,"score":332,"percentile":399},"2025-12-04",0.29969,{"date":401,"score":332,"percentile":369},"2025-12-05",{"date":403,"score":332,"percentile":369},"2025-12-06",{"date":405,"score":332,"percentile":406},"2025-12-07",0.29984,{"date":408,"score":332,"percentile":409},"2025-12-08",0.2999,{"date":411,"score":332,"percentile":412},"2025-12-09",0.30048,{"date":414,"score":332,"percentile":415},"2025-12-10",0.30112,{"date":417,"score":332,"percentile":418},"2025-12-11",0.30141,{"date":420,"score":332,"percentile":421},"2025-12-12",0.30163,{"date":423,"score":332,"percentile":424},"2025-12-13",0.30166,{"date":426,"score":332,"percentile":418},"2025-12-14",{"date":428,"score":332,"percentile":429},"2025-12-15",0.30111,{"date":431,"score":332,"percentile":432},"2025-12-16",0.30128,{"date":434,"score":332,"percentile":435},"2025-12-17",0.3017,{"date":437,"score":332,"percentile":438},"2025-12-18",0.30219,{"date":440,"score":332,"percentile":441},"2025-12-19",0.30232,{"date":443,"score":332,"percentile":444},"2025-12-20",0.30211,{"date":446,"score":332,"percentile":447},"2025-12-21",0.30162,{"date":449,"score":332,"percentile":450},"2025-12-22",0.30121,{"date":452,"score":332,"percentile":453},"2025-12-23",0.30096,{"date":455,"score":332,"percentile":456},"2025-12-24",0.30103,{"date":458,"score":332,"percentile":459},"2025-12-25",0.30175,{"date":461,"score":332,"percentile":462},"2025-12-26",0.30172,{"date":464,"score":332,"percentile":459},"2025-12-27",{"date":466,"score":332,"percentile":467},"2025-12-28",0.30095,{"date":469,"score":332,"percentile":470},"2025-12-29",0.30068,{"date":472,"score":332,"percentile":473},"2025-12-30",0.30069,{"date":475,"score":332,"percentile":476},"2025-12-31",0.3012,{"date":478,"score":332,"percentile":479},"2026-01-01",0.30246,{"date":481,"score":332,"percentile":482},"2026-01-02",0.30239,{"date":484,"score":332,"percentile":485},"2026-01-03",0.30216,{"date":487,"score":332,"percentile":488},"2026-01-04",0.30091,{"date":490,"score":491,"percentile":492},"2026-01-05",0.00146,0.35475,{"date":494,"score":491,"percentile":495},"2026-01-06",0.35487,{"date":497,"score":491,"percentile":498},"2026-01-07",0.35505,{"date":500,"score":491,"percentile":501},"2026-01-08",0.35537,{"date":503,"score":491,"percentile":504},"2026-01-09",0.35534,{"date":506,"score":491,"percentile":507},"2026-01-10",0.35536,{"date":509,"score":491,"percentile":510},"2026-01-11",0.35516,{"date":512,"score":491,"percentile":513},"2026-01-12",0.35456,{"date":515,"score":491,"percentile":516},"2026-01-13",0.35442,{"date":518,"score":491,"percentile":495},"2026-01-14",{"date":520,"score":491,"percentile":521},"2026-01-15",0.35474,{"date":523,"score":491,"percentile":524},"2026-01-16",0.35493,{"date":526,"score":491,"percentile":492},"2026-01-17",{"date":528,"score":491,"percentile":529},"2026-01-18",0.35416,{"date":531,"score":491,"percentile":532},"2026-01-19",0.35377,{"date":534,"score":491,"percentile":535},"2026-01-20",0.35359,{"date":537,"score":491,"percentile":538},"2026-01-21",0.35338,{"date":540,"score":491,"percentile":541},"2026-01-22",0.35323,{"date":543,"score":491,"percentile":544},"2026-01-23",0.35381,{"date":546,"score":491,"percentile":547},"2026-01-24",0.3539,{"date":549,"score":491,"percentile":550},"2026-01-25",0.35336,{"date":552,"score":491,"percentile":553},"2026-01-26",0.35268,{"date":555,"score":491,"percentile":556},"2026-01-27",0.35264,{"date":558,"score":491,"percentile":559},"2026-01-28",0.35243,{"date":561,"score":491,"percentile":562},"2026-01-29",0.35213,{"date":564,"score":491,"percentile":565},"2026-01-30",0.35205,{"date":567,"score":568,"percentile":569},"2026-01-31",0.00108,0.29389,{"date":571,"score":568,"percentile":572},"2026-02-01",0.29458,[574,579,581],{"source":152,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":575,"cvss_v4_0":9},{"baseScore":150,"baseSeverity":576,"vectorString":153,"impactScore":577,"exploitabilityScore":578},"HIGH",8.7,7.2,{"source":158,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":580,"cvss_v4_0":9},{"baseScore":150,"baseSeverity":576,"vectorString":153,"impactScore":577,"exploitabilityScore":578},{"source":159,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":582,"cvss_v4_0":9},{"baseScore":150,"baseSeverity":9,"vectorString":153,"impactScore":577,"exploitabilityScore":578},[584,595,600,605,614],{"ecosystem":585,"name":586,"vendor":587,"product":588,"cpe_part":9,"purl_type":589,"purl_namespace":587,"purl_name":588,"source":9,"versions":590},"Go","github.com/containers/podman","github.com/containers","podman","golang",[591],{"version":592,"is_range":593,"range_type":594,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"all",true,"semver",{"ecosystem":585,"name":596,"vendor":586,"product":597,"cpe_part":9,"purl_type":589,"purl_namespace":586,"purl_name":597,"source":9,"versions":598},"github.com/containers/podman/v2","v2",[599],{"version":592,"is_range":593,"range_type":594,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":585,"name":601,"vendor":586,"product":602,"cpe_part":9,"purl_type":589,"purl_namespace":586,"purl_name":602,"source":9,"versions":603},"github.com/containers/podman/v3","v3",[604],{"version":592,"is_range":593,"range_type":594,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":585,"name":606,"vendor":586,"product":607,"cpe_part":9,"purl_type":589,"purl_namespace":586,"purl_name":607,"source":9,"versions":608},"github.com/containers/podman/v4","v4",[609,610],{"version":592,"is_range":593,"range_type":594,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":611,"is_range":593,"range_type":594,"version_start":9,"version_start_type":9,"version_end":612,"version_end_type":613,"fixed_in":9},"lte4_9_5","4.9.5","including",{"ecosystem":585,"name":615,"vendor":586,"product":616,"cpe_part":9,"purl_type":589,"purl_namespace":586,"purl_name":616,"source":9,"versions":617},"github.com/containers/podman/v5","v5",[618],{"version":619,"is_range":593,"range_type":594,"version_start":9,"version_start_type":9,"version_end":620,"version_end_type":621,"fixed_in":9},"lt5_6_1","5.6.1","excluding"]