PT-2022-18404 · Red Hat · Podman
Mauro Matteo Cascella
·
Published
2022-09-01
·
Updated
2023-02-13
·
CVE-2022-2738
CVSS v3.1
7.5
High
| Vector | AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
podman versions prior to the version fixed via RHSA-2020:2117
Description
The issue could potentially be used to crash or cause code execution in Go applications using the Go GPGME wrapper library under certain conditions during GPG signature verification.
Recommendations
For versions prior to the one fixed via RHSA-2020:2117, update to a version that includes the fix for the issue.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Podman