How severe is CVE-2022-2990?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.1 out of 10.

What type of vulnerability is CVE-2022-2990?

This is classified as CWE-842, which is a common weakness in software security.

CVE-2022-2990 - HIGH Severity | CVSS 7.1

Vulnerability Description

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.

Related Vulnerabilities

CVE-2022-2989

HIGH

CVSS:7.1(High)

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to th...

CWE-8422022

CVE-2022-31007

HIGH

CVSS:7.2(High)

eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system admi...

CWE-8422022

CVE-2023-25575

MEDIUM

CVSS:6.5(Medium)

API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the `security` option of the `ApiPlatform\Metadata\ApiProperty` attribute can b...

CWE-8422023

CVE-2022-3650

HIGH

CVSS:7.8(High)

A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.

CWE-8422022

CVE-2022-45097

HIGH

CVSS:8.8(High)

Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of priv...

CWE-8422022

CVE-2022-45097

HIGH

CVSS:8.8(High)

CWE-8422022