vulnerability in jenkins project #1964
Description
While working on jenkins project, we uncovered a critical security issue in the Podman container management tool(this dependency used by jenkins), tracked as CVE-2025-6032. This vulnerability affects the podman machine init command, where TLS certificate validation is improperly handled when downloading VM images from OCI registries. Malicious actors can manipulate or replace VM images, posing a serious risk to containerized environments.