CVE-2021-3762

A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution.
Configurations

Configuration 1

cpe:2.3:a:redhat:clair:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:clair:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:quay:3.5.6:*:*:*:*:*:*:*

Information

Published : 2022-03-03 10:15

Updated : 2023-01-30 07:17


NVD link : CVE-2021-3762

Mitre link : CVE-2021-3762

Products Affected
No products.
CWE