{"id":"GO-2022-0828","summary":"Path Traversal in Buildah in github.com/containers/buildah","details":"Path Traversal in Buildah in github.com/containers/buildah","aliases":["CVE-2020-10696","GHSA-fx8w-mjvm-hvpc"],"modified":"2026-02-04T03:21:39.450313Z","published":"2024-08-21T15:29:04Z","related":["CGA-896r-32fv-cppf"],"database_specific":{"review_status":"REVIEWED","url":"https://pkg.go.dev/vuln/GO-2022-0828"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-fx8w-mjvm-hvpc"},{"type":"FIX","url":"https://github.com/containers/buildah/pull/2245"},{"type":"WEB","url":"https://access.redhat.com/security/cve/cve-2020-10696"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1817651"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10696"}],"affected":[{"package":{"name":"github.com/containers/buildah","ecosystem":"Go","purl":"pkg:golang/github.com/containers/buildah"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.4"}]}],"ecosystem_specific":{"imports":[{"symbols":["downloadToDirectory","stdinToDirectory"],"path":"github.com/containers/buildah/imagebuildah"}]},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2022-0828.json"}}],"schema_version":"1.7.3"}