github.com/containers/podman is vulnerable to Information Disclosure. The vulnerability exists in multiple functions due to improper handling of the supplementary groups in the Podman container engine which allows an attacker to gain access to containers and execute arbitrary codes.
access.redhat.com/errata/RHSA-2022:7822
access.redhat.com/errata/RHSA-2022:8008
access.redhat.com/errata/RHSA-2022:8431
access.redhat.com/security/cve/CVE-2022-2989
bugzilla.redhat.com/show_bug.cgi?id=2121445
github.com/advisories/GHSA-4wjj-jwc9-2x96
github.com/containers/podman/commit/d82a41687e614d9ac8b2d169dee47fe226835e4c
github.com/containers/podman/pull/15618
github.com/containers/podman/pull/15677
github.com/containers/podman/pull/15696
www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/