CVE-2022-4122

Опубликовано: 08 дек. 2022

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.

Ссылки

https://bugzilla.redhat.com/show_bug.cgi?id=2144983
Issue Tracking
Third Party Advisory
https://github.com/containers/podman/pull/16315
Patch
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2144983
Issue Tracking
Third Party Advisory
https://github.com/containers/podman/pull/16315
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:podman_project:podman:4.3.0:-:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

EPSS

Процентиль: 32%

0.00119

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-59

Связанные уязвимости

CVE-2022-4122

CVSS3: 5.3

ubuntu

больше 2 лет назад

A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.

CVE-2022-4122

CVSS3: 5.9

redhat

больше 2 лет назад

A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.

CVE-2022-4122

CVSS3: 5.3

debian

больше 2 лет назад

A vulnerability was found in buildah. Incorrect following of symlinks ...

GHSA-4crw-w8pw-2hmf

CVSS3: 5.3

github

больше 2 лет назад

Buildah (as part of Podman) vulnerable to Link Following

ELSA-2024-9102

oracle-oval

9 месяцев назад

ELSA-2024-9102: podman security update (MODERATE)

EPSS

Процентиль: 32%

0.00119

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-59