๐Ÿ” CVE Alert

CVE-2025-6032

HIGH 8.3

Podman: podman missing tls verification

CVSS Score
8.3
EPSS Score
0.0%
EPSS Percentile
0th

A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.

CWE CWE-295
Published Jun 24, 2025
Last Updated Nov 29, 2025
Stay Ahead of the Next One

Get instant alerts for

Be the first to know when new high vulnerabilities are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Affected Versions

Red Hat / Red Hat Enterprise Linux 10
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.16
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.16
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.17
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.17
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.18
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.18
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.19
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.19
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.20
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10295 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10549 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10550 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10551 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:10668 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:11359 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:11363 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:11677 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:11681 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:15397 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9726 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9751 access.redhat.com: https://access.redhat.com/errata/RHSA-2025:9766 access.redhat.com: https://access.redhat.com/security/cve/CVE-2025-6032 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2372501 github.com: https://github.com/containers/podman/commit/726b506acc8a00d99f1a3a1357ecf619a1f798c3 github.com: https://github.com/containers/podman/security/advisories/GHSA-65gg-3w2w-hr4h

Credits

This issue was discovered by Paul Holzinger (Red Hat Inc.).