CVE-2022-2739

medium

Description

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.

References

https://bugzilla.redhat.com/show_bug.cgi?id=2116927

https://access.redhat.com/security/cve/CVE-2022-2739

Details

Source: Mitre, NVD

Published: 2022-09-01

Updated: 2023-07-21

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:N/AC:H/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N