{"package":"github.com/containers/podman/v4","ecosystem":"go","latest_version":"v4.9.5","description":"Podman: A tool for managing OCI containers and pods.","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://pkg.go.dev/github.com/containers/podman/v4","repository":"https://github.com/containers/podman/v4","downloads_weekly":31437,"health":{"score":47,"risk":"high","breakdown":{"maintenance":5,"popularity":10,"security":4,"maturity":15,"community":13},"deprecated":false,"max_score":100},"vulnerabilities":{"count":12,"critical":0,"high":3,"medium":3,"low":6,"details":[{"vuln_id":"CVE-2025-6032","severity":"high","summary":"Podman Improper Certificate Validation; machine missing TLS verification","affected_versions":">=4.8.0,<=4.9.5|<5.5.2","fixed_version":"5.5.2","source":"osv","published_at":"2025-06-25T21:57:00Z","in_kev":false,"epss_prob":0.00225,"epss_percentile":0.45235,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-1753","severity":"medium","summary":"Podman affected by CVE-2024-1753 container escape at build time ","affected_versions":"<4.9.4|<5.0.1","fixed_version":"5.0.1","source":"osv","published_at":"2024-03-28T17:53:52Z","in_kev":false,"epss_prob":0.00076,"epss_percentile":0.22753,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-9407","severity":"medium","summary":"Improper Input Validation in Buildah and Podman","affected_versions":"<1.37.4|<5.2.4|<5.2.4|<5.2.4|<5.2.4|<5.2.4","fixed_version":"5.2.4","source":"osv","published_at":"2024-10-01T21:31:35Z","in_kev":false,"epss_prob":0.0002,"epss_percentile":0.05408,"threat_tier":"theoretical"},{"vuln_id":"CVE-2026-33414","severity":"medium","summary":"PowerShell Command Injection in Podman HyperV Machine","affected_versions":">=4.8.0,<=4.9.5|<5.8.2","fixed_version":"5.8.2","source":"osv","published_at":"2026-04-14T22:30:24Z","in_kev":false,"epss_prob":0.00039,"epss_percentile":0.11856,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-3056","severity":"high","summary":"Podman vulnerable to memory-based denial of service","affected_versions":"<=5.2.0|<=5.2.0|<=5.2.0|<=5.2.0|<=5.2.0","fixed_version":null,"source":"osv","published_at":"2024-08-02T21:31:34Z","in_kev":false,"epss_prob":0.00356,"epss_percentile":0.57943,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-9566","severity":"high","summary":"podman kube play symlink traversal vulnerability","affected_versions":"<5.6.1|<=4.9.5","fixed_version":"5.6.1","source":"osv","published_at":"2025-09-04T20:01:54Z","in_kev":false,"epss_prob":0.00054,"epss_percentile":0.16994,"threat_tier":"theoretical"},{"vuln_id":"CVE-2022-4123","severity":"unknown","summary":"Path traversal in github.com/containers/podman/v4","affected_versions":">=4.1.0-rc1","fixed_version":null,"source":"osv","published_at":"2022-12-22T20:52:37Z","in_kev":false,"epss_prob":0.00044,"epss_percentile":0.13409,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-3056","severity":"unknown","summary":"Podman vulnerable to memory-based denial of service in github.com/containers/podman","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2024-08-06T22:03:16Z","in_kev":false,"epss_prob":0.00356,"epss_percentile":0.57943,"threat_tier":"theoretical"},{"vuln_id":"CVE-2024-9407","severity":"unknown","summary":"Improper Input Validation in Buildah and Podman in github.com/containers/buildah","affected_versions":"<1.37.4|<5.2.4","fixed_version":"5.2.4","source":"osv","published_at":"2024-10-09T20:29:23Z","in_kev":false,"epss_prob":0.0002,"epss_percentile":0.05408,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-6032","severity":"unknown","summary":"Podman Improper Certificate Validation; machine missing TLS verification in github.com/containers/podman","affected_versions":">=4.8.0|<5.5.2","fixed_version":"5.5.2","source":"osv","published_at":"2025-07-28T19:57:13Z","in_kev":false,"epss_prob":0.00225,"epss_percentile":0.45235,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-9566","severity":"unknown","summary":"podman kube play symlink traversal vulnerability in github.com/containers/podman","affected_versions":"<5.6.1","fixed_version":"5.6.1","source":"osv","published_at":"2025-09-08T14:13:10Z","in_kev":false,"epss_prob":0.00054,"epss_percentile":0.16994,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-4953","severity":"unknown","summary":"Podman Creates Temporary File with Insecure Permissions in github.com/containers/podman","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2025-09-17T17:03:49Z","in_kev":false,"epss_prob":0.00029,"epss_percentile":0.08299,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"v4.9.5","total_count":53,"recent":["v4.5.0","v4.6.0","v4.4.0-rc3","v4.9.2","v4.1.0","v4.4.3","v4.9.1","v4.2.0-rc1","v4.3.1","v4.0.0-rc5","v4.0.0-rc3","v4.8.2","v4.2.0","v4.7.1","v4.0.3","v4.9.5","v4.5.0-rc1","v4.7.2","v4.4.1","v4.6.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":962,"first_published":null,"last_published":"2024-05-30T13:10:18Z","dependencies_count":0,"dependencies":[]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"update_required","issues":["3 high severity vulnerabilities"],"use_version":"v4.9.5","version_hint":"Update to >= 5.6.1 to fix known vulnerabilities","summary":"github.com/containers/podman/v4@v4.9.5 has vulnerabilities — update to latest"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}