CVE-2022-4123

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2144989 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:podman_project:podman:4.1.0:-:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:-:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.3.0:-:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

History

27 Jun 2023, 14:59

Type Values Removed Values Added
CWE CWE-23 CWE-22

Information

Published : 2022-12-08 16:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-4123

Mitre link : CVE-2022-4123

CVE.ORG link : CVE-2022-4123


JSON object : View

Products Affected

podman_project

  • podman

fedoraproject

  • fedora
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23

Relative Path Traversal