CVE-2018-1102

Published: Apr 30, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation.

Vendor	Product	Versions
Red Hat, Inc.	atomic-openshift	affected `as shipped with Openshift Enterprise 3.x`

Weaknesses (CWE)

CWE-20

References

RHSA-2018:1235

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1241

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1233

vendor-advisory

x_refsource_REDHAT

RHSA-2019:0036

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1237

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1227

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1243

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1231

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=1562246

x_refsource_CONFIRM

RHSA-2018:1229

vendor-advisory

x_refsource_REDHAT

RHSA-2018:1239

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-1102

Description

Affected Products

Weaknesses (CWE)

References