Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAGGkMiuFnMtwuUOeP7zdtf0dryKk0JLHfnHAk0uCzioKWeWKfw@mail.gmail.com>
Date: Wed, 29 Sep 2021 20:20:22 +0200
From: Przemyslaw Roguski <proguski@...hat.com>
To: oss-security@...ts.openwall.com
Subject: CVE-2021-3762 quay/claircore: directory traversal when scanning
 crafted container image

Hello,

A directory traversal vulnerability was found in the ClairCore engine of
Clair.
An attacker can exploit this by supplying a crafted container image which,
when scanned by Clair, allows for arbitrary file write on the filesystem,
potentially allowing for remote code execution.

Red Hat has assigned CVE-2021-3762 to this vulnerability.
These issues have been rated Critical, with a CVSS:
9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

### Affected Versions
ClairCore 0.4.6 release and higher (Clair v4.1.4 and higher)
ClairCore 0.5.3 release and higher (Clair v4.2.1 and higher)

### Fixed Versions
ClairCore v0.4.8 (shipped in Clair v4.1.6)
ClairCore v0.5.5 (shipped in Clair v4.2.3)

### Fixes
https://github.com/quay/claircore/pull/478
https://github.com/quay/clair/pull/1379
https://github.com/quay/clair/pull/1380

## Acknowledgements
Yanir Tsarimi
twitter.com/Yanir_
(Orca Security)


Best regards,
Przemyslaw Roguski

--
Przemyslaw Roguski / Red Hat Product Security

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.