CVE-2022-4123

{"id": "CVE-2022-4123", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2022-12-08T16:15:14.937", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144989", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "secalert@redhat.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Secondary", "source": "secalert@redhat.com", "description": [{"lang": "en", "value": "CWE-23"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Buildah. The local path and the lowest subdirectory may be disclosed due to incorrect absolute path traversal, resulting in an impact to confidentiality."}], "lastModified": "2023-06-27T14:59:05.893", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:podman_project:podman:4.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38CCFD3-5936-40E2-9617-B5D6B5CD20BE"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.1.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A21578B-CEC4-48D3-837D-12C1C5825BA2"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.1.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7247B6A6-26D1-4224-A8C3-BC73000239ED"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3190698C-48D2-4952-B193-ADA672C1CA3B"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.2.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C98DAA3D-0006-445D-80DA-0BBBB7B213A1"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.2.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "731A3F26-24C8-4B28-9DB6-296118A5EF33"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.2.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "48148000-C165-4B94-9E58-F9B8B428068B"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.2.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACA5BD4D-2571-4CF3-ABF3-93332B037721"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "768879D7-F8AA-401F-B3AC-0B8E791F190D"}, {"criteria": "cpe:2.3:a:podman_project:podman:4.3.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2900852-3170-4AF7-828E-6445C78AC802"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}