DirectorySecurity Advisories
Sign In
Security Advisories

CVE-2022-2990

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-2990

CGA ID

CGA-x7mh-w3g6-2c7r

Severity

7.1

High

CVSS V3

Description

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

References

  • https://images.chainguard.dev/security/CGA-x7mh-w3g6-2c7r

Affected packages


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images