data/reports/GO-2022-1159.yaml - vulndb - Git at Google

 modules:
   - module: github.com/containers/podman/v4
     versions:
       - introduced: 4.1.0-rc1
     vulnerable_at: 4.3.1
     packages:
       - package: github.com/containers/podman/v4/pkg/bindings/images
         symbols:
           - Build
           - nTar
 summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
 description: |-
     The local path and the lowest subdirectory may be disclosed due to
     incorrect absolute path traversal, resulting in an impact to
     confidentiality.
 cves:
   - CVE-2022-4123
 ghsas:
   - GHSA-rprg-4v7q-87v7
 credits:
   - Sage McTaggart
 references:
   - report: https://bugzilla.redhat.com/show_bug.cgi?id=2144989
   - web: https://github.com/containers/podman/pull/13531
	modules:
	- module: github.com/containers/podman/v4
	versions:
	- introduced: 4.1.0-rc1
	vulnerable_at: 4.3.1
	packages:
	- package: github.com/containers/podman/v4/pkg/bindings/images
	symbols:
	- Build
	- nTar
	summary: 'TODO(https://go.dev/issue/56443): fill in summary field'
	description: \|-
	The local path and the lowest subdirectory may be disclosed due to
	incorrect absolute path traversal, resulting in an impact to
	confidentiality.
	cves:
	- CVE-2022-4123
	ghsas:
	- GHSA-rprg-4v7q-87v7
	credits:
	- Sage McTaggart
	references:
	- report: https://bugzilla.redhat.com/show_bug.cgi?id=2144989
	- web: https://github.com/containers/podman/pull/13531