QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-4953

Back to search

CVE-2025-4953

Published: Sep 16, 2025

Modified: Apr 23, 2026

PUBLISHED

CVSS v3.1

7.4

HIGH

Description

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

VendorProductVersions

Unknown

podman

affected
0 - < *

Red Hat

Red Hat Enterprise Linux 8

unaffected
8100020250911075811.afee755d - < *

Red Hat

Red Hat OpenShift Container Platform 4.12

unaffected
3:4.2.0-15.rhaos4.12.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.12

unaffected
412.86.202601061735-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
1:1.29.1-5.rhaos4.13.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
3:2.1.7-5.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
1:1.4.0-5.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:1.26.5-26.rhaos4.13.giteb3d487.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:1.26.0-7.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:2.2.24-5.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:2.15.0-10.rhaos4.13.el9 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:4.13.0-202410181847.p0.g53fd427.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:4.13.0-202410181847.p0.gd2acdd5.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:4.13.0-202410181847.p0.g1397e80.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:4.13.0-202410181847.p0.gd192e90.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:4.13.0-202410181847.p0.g36754b7.assembly.stream.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
3:4.4.1-15.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
4:1.1.14-2.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
2:1.11.3-4.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
1:1.29.5-1.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:5.14.0-284.109.1.el9_2 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
0:5.14.0-284.109.1.rt14.394.el9_2 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
3:4.4.1-16.rhaos4.13.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.13

unaffected
413.92.202511261311-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.14

unaffected
414.92.202512031525-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.15

unaffected
415.92.202512100122-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
4:4.9.4-16.rhaos4.16.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.16

unaffected
416.94.202512030118-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.17

unaffected
417.94.202511260612-0 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
5:5.2.2-2.rhaos4.18.el8 - < *

Red Hat

Red Hat OpenShift Container Platform 4.18

unaffected
418.94.202512022246-0 - < *

Red Hat

Red Hat Enterprise Linux 10

All versions

Red Hat

Red Hat Enterprise Linux 9

All versions

Red Hat

Red Hat OpenShift Container Platform 4

All versions

Weaknesses (CWE)

CWE-378

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

None

References

RHSA-2024:8690
vendor-advisory
x_refsource_REDHAT
RHSA-2025:15904
vendor-advisory
x_refsource_REDHAT
RHSA-2025:16724
vendor-advisory
x_refsource_REDHAT
RHSA-2025:16729
vendor-advisory
x_refsource_REDHAT
RHSA-2025:17669
vendor-advisory
x_refsource_REDHAT
RHSA-2025:22265
vendor-advisory
x_refsource_REDHAT
RHSA-2025:22275
vendor-advisory
x_refsource_REDHAT
RHSA-2025:22695
vendor-advisory
x_refsource_REDHAT
RHSA-2025:22724
vendor-advisory
x_refsource_REDHAT
RHSA-2025:22732
vendor-advisory
x_refsource_REDHAT
RHSA-2025:23113
vendor-advisory
x_refsource_REDHAT
RHSA-2025:2703
vendor-advisory
x_refsource_REDHAT
RHSA-2026:0316
vendor-advisory
x_refsource_REDHAT
RHBZ#2367235
issue-tracking
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now