1. Home
  2. Security Advisories
  3. Fedora
  4. FEDORA-2022-c87047f163

[FEDORA-2022-c87047f163] Fedora 35: podman

Severity High
Affected Packages 1
CVEs 4
Info Packages References Vulnerabilities

Security fixes for CVE-2022-1227, CVE-2022-21698, CVE-2022-27191, CVE-2022-27649

Package Affected Version
pkg:rpm/fedora/podman?distro=fedora-35 < 3.4.7.1.fc35
ID
FEDORA-2022-c87047f163
Severity
high
Severity from
CVE-2022-1227
URL
https://bodhi.fedoraproject.org/updates/FEDORA-2022-c87047f163
Published
2022-04-29T07:11:23
(2 years ago)
Modified
2022-04-29T07:11:23
(2 years ago)
Rights
Copyright 2022 Red Hat, Inc.
Other Advisories
Source # ID Name URL
Bugzilla 2045880 Bug #2045880 - CVE-2022-21698 prometheus/client_golang: Denial of service using InstrumentHandlerCounter https://bugzilla.redhat.com/show_bug.cgi?id=2045880
Bugzilla 2064702 Bug #2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server https://bugzilla.redhat.com/show_bug.cgi?id=2064702
Bugzilla 2066568 Bug #2066568 - CVE-2022-27649 podman: Default inheritable capabilities for linux container should be empty https://bugzilla.redhat.com/show_bug.cgi?id=2066568
Bugzilla 2070368 Bug #2070368 - CVE-2022-1227 psgo: Privilege escalation in 'podman top' https://bugzilla.redhat.com/show_bug.cgi?id=2070368
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/fedora/podman?distro=fedora-35 fedora podman < 3.4.7.1.fc35 fedora-35
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date