Search for packages
| purl | pkg:rpm/redhat/podman@4:4.9.4-12.rhaos4.16?arch=el8 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 3.5 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-j9nr-4d4t-j3e1
Aliases: CVE-2024-9675 GHSA-586p-749j-fhwp |
Buildah allows arbitrary directory mount A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah. | There are no reported fixed by versions. |
|
VCID-zcxt-ccb2-eufc
Aliases: CVE-2024-9676 |
Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:44:47.858602+00:00 | RedHat Importer | Affected by | VCID-j9nr-4d4t-j3e1 | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9675.json | 38.0.0 |
| 2026-04-01T13:44:45.852783+00:00 | RedHat Importer | Affected by | VCID-zcxt-ccb2-eufc | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9676.json | 38.0.0 |