{"id":"AZL-64454","summary":"CVE-2025-6032 affecting package podman 5.6.1-7","details":"A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.","modified":"2026-04-01T05:20:19.365019Z","published":"2025-06-24T14:15:30Z","upstream":["CVE-2025-6032"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6032"}],"affected":[{"package":{"name":"podman","ecosystem":"Azure Linux:3","purl":"pkg:rpm/azure-linux/podman"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.6.1-7"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64454.json"}}],"schema_version":"1.7.5"}