Main Vulnerability Database Vulnerabilities #VU66697

#VU66697 Information disclosure in podman (Red Hat package) - CVE-2022-2739

Published: August 22, 2022

Vulnerability identifier: #VU66697

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-2739

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
podman (Red Hat package)

Software vendor:
Red Hat Inc.

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a missing patch for #VU47117 (CVE-2020-14370) in podman Red Hat package. A remote user with control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.

Remediation

Install updates from vendor's website.

External links

https://bugzilla.redhat.com/show_bug.cgi?id=2116927

#VU66697 Information disclosure in podman (Red Hat package) - CVE-2022-2739

Description

Remediation

External links

Please verify you're human