// For flags

CVE-2022-2739

podman: Security regression of CVE-2020-14370 due to source code management issue

Severity Score

5.3
*CVSS v3.1

Exploit Likelihood

< 1%
*EPSS

Affected Versions

3
*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-14370, which was previously fixed via RHSA-2020:5056. This issue could possibly allow an attacker to gain access to sensitive information stored in environment variables.

La versión de podman publicada para Red Hat Enterprise Linux 7 Extras por medio del aviso RHSA-2022:2190 incluía una versión incorrecta de podman que carecía de la corrección de CVE-2020-14370, que se había corregido previamente por medio de RHSA-2020:5056. Este problema podría permitir a un atacante acceder a información confidencial almacenada en variables de entorno

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
High
Authentication
Single
Confidentiality
Complete
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-08-09 CVE Reserved
  • 2022-08-22 CVE Published
  • 2024-08-03 CVE Updated
  • 2025-03-30 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • CWE-312: Cleartext Storage of Sensitive Information
CAPEC
Affected Vendors, Products, and Versions (3)