A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2022-03-03T21:41:19

Updated: 2024-08-03T17:09:08.890Z

Reserved: 2021-09-03T00:00:00

Link: CVE-2021-3762

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2022-03-03T22:15:08.467

Modified: 2023-01-30T19:17:56.973

Link: CVE-2021-3762

cve-icon Redhat

Severity : Critical

Publid Date: 2021-09-28T12:00:00Z

Links: CVE-2021-3762 - Bugzilla