Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-4crw-w8pw-2hmf: Buildah (as part of Podman) vulnerable to Link Following

A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.

ghsa
#vulnerability#git#docker

Buildah (as part of Podman) vulnerable to Link Following

Moderate severity GitHub Reviewed Published Dec 8, 2022 • Updated Dec 8, 2022

Related news

Red Hat Security Advisory 2024-2077-03

Red Hat Security Advisory 2024-2077-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an information leakage vulnerability.

CVE-2022-4122: Invalid Bug ID

A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.