7 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-4122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure...
Moderate: Red Hat Security Advisory: podman security update
An update for podman is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 8 : podman (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - podman: Symlink error leads to information disclosure CVE-2022-4122 - A flaw was found in Buildah. The...
RHEL 8 : podman (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - golang: out-of-bounds read in golang.org/x/text/language leads to DoS CVE-2021-38561 Note that Nessus has not teste...
RHEL 7 : podman (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - podman: symlink exchange attack in podman export volume CVE-2023-0778 - A vulnerability was found in...
RHEL 8 : container-tools:rhel8 (RHSA-2024:2077)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2077 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang:...
CVE-2022-4122
CVE-2022-4122 affects podman (and the podman-build-related components) via a symlink-following flaw in reading .containerignore and .dockerignore, causing information disclosure. Connected MARINER data specifies: affected podman versions