CVEFinder.io

CVE-2022-2738

⚠️ high
🔍 Scan for this CVE
Summary

The version of podman as released for Red Hat Enterprise Linux 7 Extras via RHSA-2022:2190 advisory included an incorrect version of podman missing the fix for CVE-2020-8945, which was previously fixed via RHSA-2020:2117. This issue could possibly be used to crash or cause potential code execution in Go applications that use the Go GPGME wrapper library, under certain conditions, during GPG signature verification.

CVSS Score
7.5
High
EPSS Score
0.4
Exploit Probability
Published Date
2022-09-01
First Seen: 2026-01-05
📊 Relative Risk Intelligence

This CVE is Moderate Risk - more severe than 68.9% of all 330,193 vulnerabilities in our database.

#102,656
Above average severity
Severity Percentile
Last Modified 2024-11-21
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-416

📦 Affected Products 3

Vendor Product Status Affected Versions
redhat enterprise_linux_server Affected
v7.0
redhat enterprise_linux_workstation Affected
v7.0
podman_project podman Affected
v1.6.4-32.el7_9

🔗 References 2

https://access.redhat.com/security/cve/CVE-2022-2738
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2116923
Issue Tracking Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-55686 🔶 medium 5.3 - Podman is a tool for managing OCI containers and pods. From 3.0.0 until 5.7.1, running a malicious container image where... 2026-06-26
CVE-2025-6021 ⚠️ high 7.5 1.1 A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a ... 2025-06-12
CVE-2025-2784 ⚠️ high 7.0 0.7 A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_ins... 2025-04-03
CVE-2024-12085 ⚠️ high 7.5 9.4 A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to m... 2025-01-14
CVE-2024-3056 ⚠️ high 7.7 0.4 A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configur... 2024-08-02
CVE-2024-1086 ⚠️ high 7.8 84.6 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local pr... 2024-01-31
These CVEs affect the same products