Low severityNVD Advisory· Published Dec 8, 2022· Updated Apr 22, 2025
CVE-2022-4123
CVE-2022-4123
Description
A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/containers/podman/v4Go | >= 4.1.0-rc1, <= 4.4.1 | — |
Affected products
2- Buildah/Buildahdescription
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-rprg-4v7q-87v7ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-4123ghsaADVISORY
- bugzilla.redhat.com/show_bug.cgighsaWEB
- github.com/containers/podman/commit/7934b77dd5372c22063686a218b8b48c2fcaca8cghsaWEB
- github.com/containers/podman/issues/13293ghsaWEB
- github.com/containers/podman/pull/13531ghsaWEB
- pkg.go.dev/vuln/GO-2022-1159ghsaWEB
News mentions
0No linked articles in our index yet.