What the vulnerability does

01Description

A Time-of-check Time-of-use (TOCTOU) flaw was found in podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

Key dates

02Disclosure timeline

March 27, 2023 CVE published
February 24, 2025 Record updated