Headline
GHSA-4crw-w8pw-2hmf: Buildah (as part of Podman) vulnerable to Link Following
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.
Buildah (as part of Podman) vulnerable to Link Following
Moderate severity GitHub Reviewed Published Dec 8, 2022 • Updated Dec 8, 2022
Related news
Red Hat Security Advisory 2024-2077-03
Red Hat Security Advisory 2024-2077-03 - An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include an information leakage vulnerability.
CVE-2022-4122: Invalid Bug ID
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.