Risk Scores
CVSS v3.1
6.800000190734863
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | buildah | Affects buildah v1.24.0 and prior, Fixed in - v1.25.0 |
| n/a | buildah | Affects buildah v1.24.0 and prior, Fixed in - v1.25.0, Affects buildah v1.24.0 and prior, Fixed in - v1.25.0, * |
| github.com | containers/buildah | 0, 0, 0 |
| chainguard | buildah | *, *, * |
| github.com | containers/buildah/chroot | 0, 0, 0 |
| wolfi | buildah | *, *, * |
Timeline
- Apr 1, 2022 CVE Published
- Apr 5, 2022 EPSS Score
- May 25, 2022 EPSS Score
- Jul 15, 2022 EPSS Score
- Sep 3, 2022 EPSS Score
- Oct 23, 2022 EPSS Score
- Dec 30, 2022 EPSS Score
- Jan 31, 2023 EPSS Score
- Feb 23, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 22, 2023 EPSS Score
- May 10, 2023 EPSS Score
References
- x_refsource_MISC
- x_refsource_MISC
- x_refsource_MISC
- FEDORA-2022-224a93852c vendor-advisoryx_refsource_FEDORA
- FEDORA-2022-e6388650ea vendor-advisoryx_refsource_FEDORA
- FEDORA-2022-1a15fe81f0 vendor-advisoryx_refsource_FEDORA
- https://github.com/containers/buildah/pull/3855 patch
- https://github.com/containers/buildah/commit/90b3254c7404039c1c786999ac189654228f6e0e patch
- https://nvd.nist.gov/vuln/detail/CVE-2022-27651 advisory
- https://github.com/advisories/GHSA-c3g4-w6cv-6v7h advisory
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2VWH6X6HOFPO6HTESF42HIJZEPXSWVIO/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7NETC7I6RTMMBRJJQVJOJUPDK4W4PQSJ/ url
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/25YI27MENCEPZTTGRVU6BQD5V53FNI52/ url
- https://pkg.go.dev/vuln/GO-2022-0417 url