A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://access.redhat.com/errata/RHSA-2018:1227 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1229 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1231 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1233 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1235 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1237 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1239 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1241 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2018:1243 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2019:0036 - Vendor Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=1562246 - Issue Tracking, Patch, Vendor Advisory |
Information
Published : 2018-04-30 19:29
Updated : 2024-11-21 03:59
NVD link : CVE-2018-1102
Mitre link : CVE-2018-1102
CVE.ORG link : CVE-2018-1102
JSON object : View
Products Affected
redhat
- openshift