Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:38434
HistoryDec 12, 2022 - 5:23 a.m.

Information Disclosure

2022-12-1205:23:19
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
13
information disclosure
software
symlink error

0.001 Low

EPSS

Percentile

25.4%

github.com/containers/podman is vulnerable to information disclosure. The vulnerability exists because the utils.go does not properly validate the .containerignore or .dockerignore build context if they are symlink outside the build context, allowing an attacker to gain sensitive information through the Symlink error.