Vulnerabilities > Podman Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-08 | CVE-2022-4122 | Link Following vulnerability in multiple products A vulnerability was found in buildah. | 5.3 |
| 2022-12-08 | CVE-2022-4123 | Path Traversal vulnerability in multiple products A flaw was found in Buildah. | 3.3 |
| 2022-09-13 | CVE-2022-2989 | Placement of User into Incorrect Group vulnerability in multiple products An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container. | 7.1 |
| 2022-09-01 | CVE-2022-2738 | Use After Free vulnerability in multiple products The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. | 7.5 |
| 2022-09-01 | CVE-2022-2739 | Cleartext Storage of Sensitive Information vulnerability in multiple products The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. | 5.3 |
| 2022-06-09 | CVE-2019-25067 | A vulnerability, which was classified as critical, was found in Podman and Varlink 1.5.1. | 8.8 |
| 2022-04-29 | CVE-2022-1227 | Improper Privilege Management vulnerability in multiple products A privilege escalation flaw was found in Podman. | 8.8 |
| 2022-04-04 | CVE-2022-27649 | Incorrect Default Permissions vulnerability in multiple products A flaw was found in Podman, where containers were started incorrectly with non-empty default permissions. | 7.5 |
| 2021-12-23 | CVE-2021-4024 | Origin Validation Error vulnerability in multiple products A flaw was found in podman. | 6.5 |
| 2021-02-11 | CVE-2021-20188 | Incorrect Authorization vulnerability in multiple products A flaw was found in podman before 1.7.0. | 6.9 |