github.com/quay/claircore@v1.5.28/rhel/rhcc/testdata/cve-2021-3762.xml (about) 1 <?xml version="1.0" encoding="utf-8"?> 2 <cvemap updated="2021-11-16T19:11:00" license="CC BY 4.0, https://creativecommons.org/licenses/by/4.0/"> 3 4 <Vulnerability name="CVE-1999-0002"> 5 <Details source="Mitre" xml:lang="en:us"> 6 Buffer overflow in NFS mountd gives root access to remote attackers, mostly in Linux systems. 7 </Details> 8 <Statement xml:lang="en:us"> 9 This issue has been addressed in nfs-server packages as shipped in Red Hat Linux since version nfs-server-2.2beta37. 10 </Statement> 11 </Vulnerability> 12 13 <Vulnerability name="CVE-2004-0976"> 14 <ThreatSeverity>Low</ThreatSeverity> 15 <PublicDate>2004-09-30T00:00:00</PublicDate> 16 <Bugzilla id="1617339" url="https://bugzilla.redhat.com/show_bug.cgi?id=1617339" xml:lang="en:us"> 17 CVE-2004-0976 security flaw 18 </Bugzilla> 19 <Details source="Mitre" xml:lang="en:us"> 20 Multiple scripts in the perl package in Trustix Secure Linux 1.5 through 2.1 and other operating systems allows local users to overwrite files via a symlink attack on temporary files. 21 </Details> 22 <Statement xml:lang="en:us"> 23 Red Hat is aware of this issue and is tracking it via the following bug: 24 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=140058 25 26 The Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw. More information regarding issue severity can be found here: 27 http://www.redhat.com/security/updates/classification/ 28 29 Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch. 30 </Statement> 31 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:3"> 32 <ProductName>Red Hat Enterprise Linux 3</ProductName> 33 <ReleaseDate>2005-12-20T00:00:00</ReleaseDate> 34 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2005:881">RHSA-2005:881</Advisory> 35 <Package name="perl">perl-2:5.8.0-90.4</Package> 36 </AffectedRelease> 37 </Vulnerability> 38 39 <Vulnerability name="CVE-2013-1690"> 40 <ThreatSeverity>Critical</ThreatSeverity> 41 <PublicDate>2013-06-25T00:00:00</PublicDate> 42 <Bugzilla id="977602" url="https://bugzilla.redhat.com/show_bug.cgi?id=977602" xml:lang="en:us"> 43 CVE-2013-1690 Mozilla: Execution of unmapped memory through onreadystatechange event (MFSA 2013-53) 44 </Bugzilla> 45 <CVSS status="verified"> 46 <CVSSBaseScore>6.8</CVSSBaseScore> 47 <CVSSScoringVector>AV:N/AC:M/Au:N/C:P/I:P/A:P</CVSSScoringVector> 48 </CVSS> 49 <Details source="Mitre" xml:lang="en:us"> 50 Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly handle onreadystatechange events in conjunction with page reloading, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted web site that triggers an attempt to execute data at an unmapped memory location. 51 </Details> 52 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:5"> 53 <ProductName>Red Hat Enterprise Linux 5</ProductName> 54 <ReleaseDate>2013-06-25T00:00:00</ReleaseDate> 55 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2013:0981">RHSA-2013:0981</Advisory> 56 <Package name="firefox">firefox-0:17.0.7-1.el5_9</Package> 57 </AffectedRelease> 58 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:5"> 59 <ProductName>Red Hat Enterprise Linux 5</ProductName> 60 <ReleaseDate>2013-06-25T00:00:00</ReleaseDate> 61 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2013:0981">RHSA-2013:0981</Advisory> 62 <Package name="xulrunner">xulrunner-0:17.0.7-1.el5_9</Package> 63 </AffectedRelease> 64 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:5"> 65 <ProductName>Red Hat Enterprise Linux 5</ProductName> 66 <ReleaseDate>2013-06-25T00:00:00</ReleaseDate> 67 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2013:0982">RHSA-2013:0982</Advisory> 68 <Package name="thunderbird">thunderbird-0:17.0.7-1.el5_9</Package> 69 </AffectedRelease> 70 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:6"> 71 <ProductName>Red Hat Enterprise Linux 6</ProductName> 72 <ReleaseDate>2013-06-25T00:00:00</ReleaseDate> 73 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2013:0981">RHSA-2013:0981</Advisory> 74 <Package name="firefox">firefox-0:17.0.7-1.el6_4</Package> 75 </AffectedRelease> 76 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:6"> 77 <ProductName>Red Hat Enterprise Linux 6</ProductName> 78 <ReleaseDate>2013-06-25T00:00:00</ReleaseDate> 79 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2013:0981">RHSA-2013:0981</Advisory> 80 <Package name="xulrunner">xulrunner-0:17.0.7-1.el6_4</Package> 81 </AffectedRelease> 82 <AffectedRelease cpe="cpe:/o:redhat:enterprise_linux:6"> 83 <ProductName>Red Hat Enterprise Linux 6</ProductName> 84 <ReleaseDate>2013-06-25T00:00:00</ReleaseDate> 85 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2013:0982">RHSA-2013:0982</Advisory> 86 <Package name="thunderbird">thunderbird-0:17.0.7-1.el6_4</Package> 87 </AffectedRelease> 88 <References xml:lang="en:us"> 89 http://www.mozilla.org/security/announce/2013/mfsa2013-53.html 90 </References> 91 </Vulnerability> 92 93 94 95 <Vulnerability name="CVE-2021-3762"> 96 <ThreatSeverity>Critical</ThreatSeverity> 97 <PublicDate>2021-09-28T12:00:00</PublicDate> 98 <Bugzilla id="2000795" url="https://bugzilla.redhat.com/show_bug.cgi?id=2000795" xml:lang="en:us"> 99 CVE-2021-3762 quay/claircore: directory traversal when scanning crafted container image layer allows for arbitrary file write 100 </Bugzilla> 101 <CVSS3 status="verified"> 102 <CVSS3BaseScore>9.8</CVSS3BaseScore> 103 <CVSS3ScoringVector>CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H</CVSS3ScoringVector> 104 </CVSS3> 105 <CWE>CWE-22</CWE> 106 <Details source="Red Hat" xml:lang="en:us"> 107 A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution. 108 </Details> 109 <Statement xml:lang="en:us"> 110 Only a single version of Red Hat Quay, 3.5.6 is affected by this vulnerability. All previous released versions of Red Hat Quay are not affected by this vulnerability. 111 112 The overall vulnerability is rated as Critical for the ClairCore engine, but only rated Important for the Red Hat Quay product. In Red Hat Quay, Clair runs as the 'nobody' user in an unprivileged container, limiting the impact to modification of non-sensitives files in that container. 113 114 Red Hat Advanced Cluster Security is not affected by this vulnerability. 115 116 Quay.io is not affected by this vulnerability. 117 </Statement> 118 <Acknowledgement xml:lang="en:us"> 119 Red Hat would like to thank Yanir Tsarimi (Orca Security) for reporting this issue. 120 </Acknowledgement> 121 <Mitigation xml:lang="en:us"> 122 Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. 123 </Mitigation> 124 <AffectedRelease cpe="cpe:/a:redhat:quay:3" impact="important"> 125 <ProductName>Red Hat Quay 3</ProductName> 126 <ReleaseDate>2021-09-28T00:00:00</ReleaseDate> 127 <Advisory type="RHSA" url="https://access.redhat.com/errata/RHSA-2021:3665">RHSA-2021:3665</Advisory> 128 <Package name="quay/clair-rhel8">quay/clair-rhel8:v3.5.7-8</Package> 129 </AffectedRelease> 130 <UpstreamFix>quay/claircore 0.5.5, quay/claircore 0.4.8</UpstreamFix> 131 </Vulnerability> 132 133 </cvemap>