Data Exposure Vulnerability in Podman by Red Hat
CVE-2025-4953
7.4 HIGH
Key Information:
- Vendor: Red Hat
- Status
- CVE Published: 16 September 2025
What is CVE-2025-4953?
A vulnerability in Podman allows data written during the build process with RUN --mount=type=bind to remain accessible in the host's temporary build context directory. This can inadvertently expose sensitive files created within the container to the host, leading to potential security risks. Proper handling and cleanup of files are necessary to mitigate this risk.
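An added example, not part of the original advisory or of Podman's code: a small audit helper that lists the RUN steps in a Containerfile that use --mount=type=bind, so builds relying on the affected feature can be found and reviewed. The function names and the sample Containerfile are constructed for illustration, and flag parsing is simplified to whitespace-separated tokens.

```python
import re
RUN_RE = re.compile(r"^RUN\s+(.*)$", re.IGNORECASE | re.DOTALL)

def logical_lines(text):
    """Yield (first_line_no, instruction), joining backslash continuations."""
    buf, start = [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no instruction
        start = start or no
        if line.endswith("\\"):
            buf.append(line[:-1].strip())
            continue
        buf.append(line)
        yield start, " ".join(buf)
        buf, start = [], None
    if buf:
        yield start, " ".join(buf)

def find_bind_mount_runs(text):
    """Return [(line_no, mount_options)] for RUN steps using --mount=type=bind."""
    hits = []
    for line_no, instr in logical_lines(text):
        m = RUN_RE.match(instr)
        if not m:
            continue
        for tok in m.group(1).split():
            if not tok.startswith("--"):
                break  # RUN flags end where the command begins
            if tok.startswith("--mount="):
                # tok[8:] drops the "--mount=" prefix; bare options map to ""
                opts = dict(kv.partition("=")[::2] for kv in tok[8:].split(","))
                if opts.get("type") == "bind":
                    hits.append((line_no, opts))
    return hits

# Constructed sample Containerfile (image name and paths are placeholders).
SAMPLE = """\
FROM registry.example/base:latest
# build steps
RUN --mount=type=bind,source=.,target=/src \\
    make -C /src > /src/build.log
RUN --mount=type=cache,target=/root/.cache pip install -r requirements.txt
run --mount=type=bind,target=/ctx,rw --network=none sh -c 'echo x > /ctx/.token'
RUN echo "--mount=type=bind is only text here"
"""

for line_no, opts in find_bind_mount_runs(SAMPLE):
    print(f"line {line_no}: bind mount {opts}")
```

Each reported step is one whose container-side writes to the mount target should be checked against the host build context once the build finishes.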
Affected Version(s)
Red Hat OpenShift Container Platform 4.16 4:4.9.4-18.rhaos4.16.el9
Red Hat OpenShift Container Platform 4.18 5:5.2.2-2.rhaos4.18.el8