CVE-2022-4123

A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.
References
Link Resource
https://bugzilla.redhat.com/show_bug.cgi?id=2144989 Issue Tracking Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:podman_project:podman:4.1.0:-:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.1.0:rc1:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.1.0:rc2:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.1.1:*:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:-:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:podman_project:podman:4.3.0:-:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*

History

27 Jun 2023, 14:59

Type Values Removed Values Added
CWE CWE-23 CWE-22

12 Dec 2022, 15:46

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-08 16:15

Updated : 2024-02-05 15:02


NVD link : CVE-2022-4123

Mitre link : CVE-2022-4123

CVE.ORG link : CVE-2022-4123


JSON object : View

Products Affected

fedoraproject

  • fedora

podman_project

  • podman
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-23

Relative Path Traversal