CVE-2025-4953

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-4953

Severity

7.4

High

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-4953
https://github.com/advisories/GHSA-m68q-4hqr-mc6f
https://pkg.go.dev/vuln/GO-2025-3961
https://access.redhat.com/errata/RHSA-2025:16724
https://access.redhat.com/errata/RHSA-2025:16729
https://bugzilla.redhat.com/show_bug.cgi?id=2367235
https://access.redhat.com/security/cve/CVE-2025-4953

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2025-4953

Severity

Description

References

Affected packages

The trusted source for open source

Product

Solutions

Customers

Resources

Company