Home > Vulnerability Database > CVE-2025-4953

Mend.io Vulnerability Database

CVE-2025-4953

Date: September 16, 2025

A flaw was found in Podman. In a Containerfile or Podman, data written to RUN --mount=type=bind mounts during the podman build is not discarded. This issue can lead to files created within the container appearing in the temporary build context directory on the host, leaving the created files accessible.

Severity Score

7.4

Related Resources (9)

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2367235

Url: https://access.redhat.com/errata/RHSA-2025:16724

Url: https://access.redhat.com/errata/RHSA-2025:17669

Url: https://github.com/containers/podman

Url: https://github.com/advisories/GHSA-m68q-4hqr-mc6f

Url: https://access.redhat.com/errata/RHSA-2025:16729

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-4953

Url: https://access.redhat.com/security/cve/CVE-2025-4953

Url: https://www.mend.io/vulnerability-database/CVE-2025-4953

Severity Score

7.4

Weakness Type (CWE)

Creation of Temporary File With Insecure Permissions

CWE-378

CVSS v3.1

Base Score:	7.4
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-4953

Date: September 16, 2025

Severity Score

Related Resources (9)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?