github.com/containers/podman is vulnerable to information disclosure. The vulnerability exists because the utils.go
does not properly validate the .containerignore
or .dockerignore
build context if they are symlink
outside the build context, allowing an attacker to gain sensitive information through the Symlink
error.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/containers/podman | le | v4.4.0-rc3 | |
github.com/containers/podman | le | v4.4.4 |