Home > Vulnerability Database > CVE-2022-2738

Mend.io Vulnerability Database

CVE-2022-2738

Date: September 1, 2022

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification.

Severity Score

7.5

Related Resources (5)

Url: https://nvd.nist.gov/vuln/detail/CVE-2022-2738

Url: https://access.redhat.com/errata/RHSA-2022:6119

Url: https://access.redhat.com/security/cve/CVE-2022-2738

Url: https://bugzilla.redhat.com/show_bug.cgi?id=2116923

Url: https://www.mend.io/vulnerability-database/CVE-2022-2738

Severity Score

7.5

Weakness Type (CWE)

Use After Free

CWE-416

CVSS v3.1

Base Score:	7.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

CVE-2022-2738

Date: September 1, 2022

Severity Score

Related Resources (5)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?