CVE-2022-41939 : knative.dev/func is is a client library and CLI enabling the development and dep

knative.dev/func is is a client library and CLI enabling the development and deployment of Kubernetes functions. Developers using a malicious or compromised third-party buildpack could expose their registry credentials or local docker socket to a malicious `lifecycle` container. This issues has been patched in PR #1442, and is part of release 1.8.1. This issue only affects users who are using function buildpacks from third-parties; pinning the builder image to a specific content-hash with a valid `lifecycle` image will also mitigate the attack.

Published 2022-11-19 01:15:13

Updated 2023-03-14 15:35:41

Source GitHub, Inc.

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2022-41939

Linuxfoundation » Knative Func
Versions before (<) 1.8.1
cpe:2.3:a:linuxfoundation:knative_func:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-41939

EPSS FAQ

0.10%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 25 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-41939

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.4	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N	2.8	4.0	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: High Integrity: None Availability: None
6.1	MEDIUM	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N	1.6	4.0	GitHub, Inc.
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: Required Scope: Changed Confidentiality: High Integrity: None Availability: None

CWE ids for CVE-2022-41939

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: security-advisories@github.com (Primary)

References for CVE-2022-41939

https://github.com/knative/func/pull/1442

fix(GHSA-5336-2g3f-9g3m): Fixes GSA GHSA-5336-2g3f-9g3m by lance · Pull Request #1442 · knative/func · GitHub
Patch;Third Party Advisory
https://github.com/knative/func/blob/5ca77d38744d3481cc0b795f607c5859b19588fc/buildpacks/builder.go#L37-L41

func/builder.go at 5ca77d38744d3481cc0b795f607c5859b19588fc · knative/func · GitHub
Third Party Advisory
https://github.com/knative/func/releases/tag/knative-v1.8.1

Release Knative Func release v1.8.1 · knative/func · GitHub
Release Notes;Third Party Advisory
https://github.com/knative/func/security/advisories/GHSA-5336-2g3f-9g3m

Potential local compromise when running third-party builders · Advisory · knative/func · GitHub
Exploit;Patch;Third Party Advisory

Jump to

Vulnerability Details : CVE-2022-41939

Products affected by CVE-2022-41939

Exploit prediction scoring system (EPSS) score for CVE-2022-41939

CVSS scores for CVE-2022-41939

CWE ids for CVE-2022-41939

References for CVE-2022-41939