{"id":"CVE-2026-57231","summary":"Podman: Malformed Image can trick podman run into leaking host environment variables into the container","details":"Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a container image that contains a environment variable with just a key and no value can trick podman into passing that variable from the host into the container. This is made worse by the fact that using an asterisk (*) will cause podman to pass all host variables into the container. So essentially a malicious image can exfiltrate all podman environment variables that are set in the session from where the container is launched. This vulnerability is fixed in 5.8.4 and 6.0.0.","aliases":["GHSA-4hq8-gpf5-8p68"],"modified":"2026-07-08T08:13:47.447154641Z","published":"2026-06-26T16:29:02.092Z","database_specific":{"cwe_ids":["CWE-200","CWE-668"],"cna_assigner":"GitHub_M","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/57xxx/CVE-2026-57231.json"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/57xxx/CVE-2026-57231.json"},{"type":"ADVISORY","url":"https://github.com/podman-container-tools/podman/security/advisories/GHSA-4hq8-gpf5-8p68"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-57231"},{"type":"FIX","url":"https://github.com/podman-container-tools/podman/commit/6c431b73dbf8e4b20b778644d7a80caebdb75050"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/podman-container-tools/podman","events":[{"introduced":"444a19cdd2e6108c75f6c1aadc1a2a9138a8bd73"},{"fixed":"5431df23c742e5edea35bef34eed696f4db0106b"},{"introduced":"d0c9bb1b49fb63826997342ad5ddb576bdf6e865"},{"fixed":"6c431b73dbf8e4b20b778644d7a80caebdb75050"}],"database_specific":{"source":["CPE_RANGE","CPE_STRING","REFERENCES"],"cpe":["cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*","cpe:2.3:a:podman_project:podman:6.0.0:rc1:*:*:*:*:*:*"],"extracted_events":[{"introduced":"1.8.1"},{"fixed":"5.8.4"},{"introduced":"6.0.0-rc1"},{"last_affected":"6.0.0-rc1"}]}}],"versions":["6.0.0-rc1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-57231.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}