Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Podman
(Podman_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-09-01 | CVE-2022-2739 | The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables. | Podman, Enterprise_linux_server, Enterprise_linux_workstation | 5.3 | ||
| 2022-12-08 | CVE-2022-4122 | A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure. | Fedora, Podman | 5.3 | ||
| 2022-12-08 | CVE-2022-4123 | A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality. | Fedora, Podman | 3.3 | ||
| 2022-06-09 | CVE-2019-25067 | A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. This affects an unknown part of the component API. The manipulation leads to Remote Privilege Escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-143949 was assigned to this vulnerability. | Podman, Varlink | 8.8 |