A Time-of-check Time-of-use (TOCTOU) flaw appears in this version of podman. This issue may allow a malicious user to replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.
{ "review_status": "REVIEWED", "url": "https://pkg.go.dev/vuln/GO-2023-1681" }