Lucene search
GoogleOSV:GHSA-4CRW-W8PW-2HMFHistoryDec 08, 2022 - 6:30 p.m.
Buildah (as part of Podman) vulnerable to Link Following
2022-12-0818:30:50
Google
osv.dev
11
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
25.3%
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/containers/podman/v4 | lt | 4.5.0 |
Related
veracode
veracode
Information Disclosure
2022-12-12 05:23:19
cnvd
cnvd
Bulidah has information leaks
2022-11-24 00:00:00
ubuntucve
ubuntucve
CVE-2022-4122
2022-12-08 00:00:00
cve
cve
CVE-2022-4122
2022-12-08 16:15:14
redhatcve
redhatcve
CVE-2022-4122
2022-11-22 20:25:59
debiancve
debiancve
CVE-2022-4122
2022-12-08 16:15:14
prion
prion
Information disclosure
2022-12-08 16:15:00
github
github
Buildah (as part of Podman) vulnerable to Link Following
2022-12-08 18:30:50
cvelist
cvelist
CVE-2022-4122
2022-12-08 00:00:00
nvd
nvd
CVE-2022-4122
2022-12-08 16:15:14
osv
osv
CVE-2022-4122
2022-12-08 16:15:14
redhat
redhat
nessus
nessus
RHEL 7 : podman (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : container-tools:rhel8 (RHSA-2024:2077)
2024-04-29 00:00:00
RHEL 8 : podman (Unpatched Vulnerability)
2024-06-03 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
25.3%
Related for OSV:GHSA-4CRW-W8PW-2HMF