DEBIAN-CVE-2022-4122
- Source
- https://security-tracker.debian.org/tracker/CVE-2022-4122
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2022-4122.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2022-4122
- Upstream
- Published
- 2022-12-08T16:15:14.870Z
- Modified
- 2025-11-17T04:25:24.473016Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability was found in buildah. Incorrect following of symlinks while reading .containerignore and .dockerignore results in information disclosure.
- References
Affected packages
Debian:11
golang-github-containers-buildah
Package
- Name
- golang-github-containers-buildah
- Purl
- pkg:deb/debian/golang-github-containers-buildah?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.19.6+dfsg1-1
1.20.0+ds1-1
1.20.1+ds1-1
1.20.1+ds1-2
1.21.0+ds1-2
1.21.3+ds1-1
1.22.3+ds1-1
1.22.3+ds1-2
1.23.1+ds1-1
1.23.1+ds1-2
1.23.1+ds1-3
1.24.1+ds1-1
1.26.1+ds1-1
1.27.0+ds1-2
1.27.0+ds1-3
1.27.0+ds1-4
1.27.0+ds1-5
1.27.0+ds1-6
1.28.0+ds1-1
1.28.0+ds1-2
1.28.0+ds1-3
1.28.2+ds1-1
1.28.2+ds1-2
1.28.2+ds1-3
1.29.0+ds1-1
1.30.0+ds1-1
1.30.0+ds1-2
1.30.0+ds1-3
1.31.2+ds1-1
1.31.2+ds1-2
1.31.2+ds1-3
1.32.0+ds1-1
1.32.0+ds1-2
1.32.2+ds1-1
1.33.1+ds1-1
1.33.1+ds1-2
1.33.3+ds1-1
1.33.3+ds1-2
1.33.5+ds1-3
1.33.5+ds1-4
1.33.7+ds1-1
1.34.0+ds1-1
1.34.0+ds1-2
1.35.3+ds1-1
1.35.3+ds1-2
1.35.3+ds1-3
1.37.0+ds1-1
1.37.1+ds1-1
1.37.1+ds1-2
1.37.2+ds1-1
1.37.2+ds1-2
1.37.2+ds1-3
1.37.3+ds1-1
1.37.3+ds1-2
1.37.3+ds1-3
1.37.4+ds1-1
1.37.5+ds1-1
1.38.0+ds1-1
1.38.0+ds1-2
1.38.1+ds1-1
1.39.0+ds1-1
1.39.3+ds1-1
1.41.4+ds1-1
1.41.4+ds1-2
1.41.4+ds1-3
1.41.5+ds1-1
1.41.5+ds1-2
1.41.5+ds1-3
1.41.5+ds1-4
Debian:12
golang-github-containers-buildah
Package
- Name
- golang-github-containers-buildah
- Purl
- pkg:deb/debian/golang-github-containers-buildah?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
1.*
1.28.2+ds1-3
1.28.2+ds1-3+deb12u1
1.29.0+ds1-1
1.30.0+ds1-1
1.30.0+ds1-2
1.30.0+ds1-3
1.31.2+ds1-1
1.31.2+ds1-2
1.31.2+ds1-3
1.32.0+ds1-1
1.32.0+ds1-2
1.32.2+ds1-1
1.33.1+ds1-1
1.33.1+ds1-2
1.33.3+ds1-1
1.33.3+ds1-2
1.33.5+ds1-3
1.33.5+ds1-4
1.33.7+ds1-1
1.34.0+ds1-1
1.34.0+ds1-2
1.35.3+ds1-1
1.35.3+ds1-2
1.35.3+ds1-3
1.37.0+ds1-1
1.37.1+ds1-1
1.37.1+ds1-2
1.37.2+ds1-1
1.37.2+ds1-2
1.37.2+ds1-3
1.37.3+ds1-1
1.37.3+ds1-2
1.37.3+ds1-3
1.37.4+ds1-1
1.37.5+ds1-1
1.38.0+ds1-1
1.38.0+ds1-2
1.38.1+ds1-1
1.39.0+ds1-1
1.39.3+ds1-1
1.41.4+ds1-1
1.41.4+ds1-2
1.41.4+ds1-3
1.41.5+ds1-1
1.41.5+ds1-2
1.41.5+ds1-3
1.41.5+ds1-4
Debian:13
golang-github-containers-buildah
Package
- Name
- golang-github-containers-buildah
- Purl
- pkg:deb/debian/golang-github-containers-buildah?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Debian:14
golang-github-containers-buildah
Package
- Name
- golang-github-containers-buildah
- Purl
- pkg:deb/debian/golang-github-containers-buildah?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected