{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2022-2995","title":"Title"},{"category":"description","text":"Incorrect handling of the supplementary groups in the CRI-O container engine might lead to sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2022-2995","url":"https://www.suse.com/security/cve/CVE-2022-2995"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1202806 for CVE-2022-2995","url":"https://bugzilla.suse.com/1202806"}],"title":"SUSE CVE CVE-2022-2995","tracking":{"current_release_date":"2025-02-16T07:58:41Z","generator":{"date":"2023-02-15T03:32:06Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2022-2995","initial_release_date":"2023-02-15T03:32:06Z","revision_history":[{"date":"2023-02-15T03:32:06Z","number":"2","summary":"Current version"},{"date":"2025-01-01T03:29:08Z","number":"3","summary":"Current version"},{"date":"2025-02-15T04:09:11Z","number":"4","summary":"Current version"},{"date":"2025-02-16T07:58:41Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}