Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-2738
HistorySep 01, 2022 - 9:15 p.m.

CVE-2022-2738

2022-09-0121:15:09
CWE-416
[email protected]
web.nvd.nist.gov
2
podman
red hat enterprise linux 7 extras
vulnerability
cve-2020-8945
gpg signature verification

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

0.012 Low

EPSS

Percentile

85.1%

JSON

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification.

Affected configurations

NVD
Node
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_workstationMatch7.0
Node
podman_projectpodmanMatch1.6.4-32.el7_9

Related

redhatcve 2
cvelist 2
prion 2
cve 2
redhat 20
nessus 23
openvas 5
fedora 4
veracode 2
osv 5
debiancve 1
github 1
nvd 1
ubuntucve 1
oraclelinux 1
redhatcve
redhatcve
CVE-2022-2738
2022-08-19 08:38:34
CVE-2020-8945
2022-05-14 11:39:44
cvelist
cvelist
CVE-2022-2738
2022-09-01 20:50:57
CVE-2020-8945
2020-02-12 17:20:43
prion
prion
Design/Logic Flaw
2022-09-01 21:15:00
Design/Logic Flaw
2020-02-12 18:15:00
cve
cve
CVE-2022-2738
2022-09-01 21:15:09
CVE-2020-8945
2020-02-12 18:15:10
redhat
redhat
(RHSA-2022:6119) Moderate: podman security and bug fix update
2022-08-22 08:12:17
(RHSA-2020:0689) Moderate: OpenShift Container Platform 4.2.22 skopeo security update
2020-03-10 12:09:47
(RHSA-2020:2027) Moderate: OpenShift Container Platform 4.2.33 openshift-clients security update
2020-05-13 11:04:10
nessus
nessus
RHEL 7 : podman (RHSA-2022:6119)
2022-08-22 00:00:00
Oracle Linux 7 : podman (ELSA-2022-20240)
2022-08-22 00:00:00
RHEL 8 : OpenShift Container Platform 4.3.5 skopeo (RHSA-2020:0679)
2020-03-11 00:00:00
openvas
openvas
Fedora: Security Advisory for skopeo (FEDORA-2020-f317e13ecf)
2020-02-23 00:00:00
Fedora: Security Advisory for podman (FEDORA-2020-ccc3e64ea5)
2020-03-10 00:00:00
Huawei EulerOS: Security Advisory for iSulad-kit (EulerOS-SA-2020-1290)
2020-03-23 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: skopeo-0.1.41-1.fc30
2020-02-24 01:13:25
[SECURITY] Fedora 30 Update: podman-1.8.0-4.fc30
2020-03-09 20:55:26
[SECURITY] Fedora 31 Update: skopeo-0.1.41-1.fc31
2020-02-23 01:23:31
veracode
veracode
Use After Free (UAF)
2020-02-13 05:13:18
Use-After-Free
2022-09-05 21:42:39
osv
osv
GO-2020-0002
2021-04-14 20:04:52
GO-2020-0031
2021-04-14 20:04:52
Memory corruption or code execution in github.com/proglottis/gpgme
2021-04-14 20:04:52
debiancve
debiancve
CVE-2020-8945
2020-02-12 18:15:10
github
github
GPGME Go wrapper contains Use After Free
2021-05-18 15:29:42
nvd
nvd
CVE-2020-8945
2020-02-12 18:15:10
ubuntucve
ubuntucve
CVE-2020-8945
2020-02-12 00:00:00
oraclelinux
oraclelinux
podman security update
2022-08-22 00:00:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

0.012 Low

EPSS

Percentile

85.1%

JSON
Related for NVD:CVE-2022-2738
redhatcve2cvelist2prion2cve2redhat20nessus23openvas5fedora4veracode2osv5debiancve1github1nvd1ubuntucve1oraclelinux1