PT-2022-25736 · Buildah+3 · Buildah+3

Sage Mctaggart

Published

2022-11-22

Updated

2025-04-22

CVE-2022-4122

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions buildah (affected versions not specified)

Description A vulnerability was found in buildah, where incorrect following of symlinks while reading .containerignore and .dockerignore files results in information disclosure. This issue affects buildah as part of Podman.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

AZL-44526

BDU:2025-12234

CVE-2022-4122

GHSA-4CRW-W8PW-2HMF

GO-2022-1151

INFSA-2024_9102

RHSA-2024:2077

RHSA-2024:9102

RHSA-2024_9102

RLSA-2024:9102

Affected Products

Debian

Red Hat

Rocky Linux

Buildah

PT-2022-25736 · Buildah+3 · Buildah+3

CVE-2022-4122

Weakness Enumeration

Related Identifiers

Affected Products

References · 25