CVE-2022-2739
MEDIUMRed Hat Enterprise Linux 7 Extras Podman - Exposure of Sensitive Information via Environment Variables
Title source: llmDescription
The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.
References (2)
Core 2
Core References
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2116927
Third Party Advisory x_refsource_misc
https://access.redhat.com/security/cve/CVE-2022-2739
Scores
CVSS v3
5.3
EPSS
0.0017
EPSS Percentile
37.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
CWE-312
Status
published
Products (3)
podman_project/podman
1.6.4-32.el7_9
redhat/enterprise_linux_server
7.0
redhat/enterprise_linux_workstation
7.0
Published
Sep 01, 2022
Tracked Since
Feb 18, 2026