1. Home
  2. Vulnerabilities
  3. CVE-2022-2738

CVE-2022-2738

CVSS v3.1 7.5 (High)
75% Progress
EPSS 0.26 % (66th)
0.26% Progress
Affected Products 3
Advisories 1
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification.

Weaknesses
CWE-416
Use After Free
Related CVEs
CVE Status
PUBLISHED
CNA
Red Hat, Inc.
Published Date
2022-09-01 21:15:09
(2 years ago)
Updated Date
2023-02-12 22:15:28
(19 months ago)

Affected Products

Podman Project

Redhat

Configuration #1

    CPE23 From Up To
  Redhat Enterprise Linux Server 7.0 cpe:2.3:o:redhat:enterprise_linux_server:7.0
  Redhat Enterprise Linux Workstation 7.0 cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #2

    CPE23 From Up To
  Podman Project Podman 1.6.4-32.el7 9 cpe:2.3:a:podman_project:podman:1.6.4-32.el7_9