| id: GO-2024-3169 |
| modules: |
| - module: github.com/containers/buildah |
| versions: |
| - fixed: 1.37.4 |
| vulnerable_at: 1.37.3 |
| - module: github.com/containers/podman |
| vulnerable_at: 1.9.3 |
| - module: github.com/containers/podman/v2 |
| vulnerable_at: 2.2.1 |
| - module: github.com/containers/podman/v3 |
| vulnerable_at: 3.4.7 |
| - module: github.com/containers/podman/v4 |
| vulnerable_at: 4.9.5 |
| - module: github.com/containers/podman/v5 |
| versions: |
| - fixed: 5.2.4 |
| vulnerable_at: 5.2.3 |
| summary: Improper Input Validation in Buildah and Podman in github.com/containers/buildah |
| cves: |
| - CVE-2024-9407 |
| ghsas: |
| - GHSA-fhqq-8f65-5xfc |
| references: |
| - advisory: https://github.com/advisories/GHSA-fhqq-8f65-5xfc |
| - fix: https://github.com/containers/buildah/commit/e4e2ad5ca2088d7c388109394135ead7aaf1f4f4 |
| - web: https://github.com/containers/podman/releases/tag/v5.2.4 |
| source: |
| id: GHSA-fhqq-8f65-5xfc |
| created: 2024-12-11T15:38:28.529084-05:00 |
| review_status: REVIEWED |
