CVE-2021-29136

Published: Apr 6, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

Open Container Initiative umoci before 0.4.7 allows attackers to overwrite arbitrary host paths via a crafted image that causes symlink traversal when "umoci unpack" or "umoci raw unpack" is used.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.openwall.com/lists/oss-security/2021/04/06/2

x_refsource_MISC

https://github.com/opencontainers/umoci/security/advisories/GHSA-9m95-8hx6-7p9v

x_refsource_CONFIRM

https://github.com/opencontainers/umoci/commit/d9efc31daf2206f7d3fdb839863cf7a576a2eb57

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-29136

Description

Affected Products

References