Описание
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
Отчет
This issue only affects a single version of podman, 1.6.4-32.el7_9, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 8 | container-tools:3.0/podman | Not affected | ||
| Red Hat Enterprise Linux 8 | container-tools:4.0/podman | Not affected | ||
| Red Hat Enterprise Linux 8 | container-tools:rhel8/podman | Not affected | ||
| Red Hat Enterprise Linux 9 | podman | Not affected | ||
| Red Hat Enterprise Linux 7 Extras | podman | Fixed | RHSA-2022:6119 | 22.08.2022 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
EPSS
5.3 Medium
CVSS3