CVE-2025-4953

7.4 HIGH
Published: September 16, 2025 Modified: December 11, 2025
View on NVD

Description

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:8690
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:15904
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:16724
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:16729
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:17669
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:22265
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:22275
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:22695
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:22724
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:22732
Source: secalert@redhat.com
https://access.redhat.com/errata/RHSA-2025:2703
Source: secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2025-4953
Source: secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2367235
Source: secalert@redhat.com
https://github.com/containers/podman/pull/25173
Source: secalert@redhat.com

14 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.4 / 10.0
EPSS (Exploit Probability)
0.1%
20th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-378

Related CVEs

CVE-2025-69261 N/A
CVE-2025-69257 6.7
CVE-2025-69210 N/A
CVE-2025-66823 N/A
CVE-2025-50343 N/A