A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2022-03-03T21:41:19
Updated: 2024-08-03T17:09:08.890Z
Reserved: 2021-09-03T00:00:00
Link: CVE-2021-3762
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-03-03T22:15:08.467
Modified: 2023-01-30T19:17:56.973
Link: CVE-2021-3762
Redhat