Showing 1 - 13 of 13

CVE-2021-23177

Status Candidate

Overview

An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain more privileges.

Related Files

Red Hat Security Advisory 2023-4053-01: Posted Jul 19, 2023; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2023-4053-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.45. Issues addressed include a code execution vulnerability.; tags | advisory, code execution; systems | linux, redhat; advisories | CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-20838, CVE-2020-14155, CVE-2020-24370, CVE-2020-35525, CVE-2020-35527, CVE-2021-20231, CVE-2021-20232, CVE-2021-23177, CVE-2021-31566, CVE-2021-3580, CVE-2021-36084; SHA-256 | 3bcde00c10f50e0c04e8bb156e955aa18c0b0fde3d60fb4c86dca74a55ed295e; Download | Favorite | View

Red Hat Security Advisory 2022-5132-01: Posted Jun 21, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-23222, CVE-2021-25219, CVE-2021-31566, CVE-2021-3634, CVE-2021-3672, CVE-2021-3737, CVE-2021-4189, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-1902, CVE-2022-24407; SHA-256 | bfca0ba942391c6a43c9f8d48bf4d26fb94e10f853c2bf23fb873d2cf0db5c07; Download | Favorite | View

Red Hat Security Advisory 2022-1747-01: Posted May 10, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1747-01 - OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2018-25032, CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-41771, CVE-2021-41772, CVE-2021-45960, CVE-2021-46143, CVE-2022-0778, CVE-2022-21426, CVE-2022-21434, CVE-2022-21443, CVE-2022-21449, CVE-2022-21476, CVE-2022-21496, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-25235; SHA-256 | 9f53c43845e6989b1ee838b81e5c8b82022554a46d50f3d5c6ed2d4ad233ec23; Download | Favorite | View

Red Hat Security Advisory 2022-1734-01: Posted May 5, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1734-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-4028, CVE-2021-41190, CVE-2021-41771, CVE-2021-41772, CVE-2021-44716, CVE-2021-44717, CVE-2021-45960, CVE-2021-46143, CVE-2022-0261, CVE-2022-0318, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0413, CVE-2022-0778, CVE-2022-1154, CVE-2022-1271, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218; SHA-256 | 67eeebb8087b0fc31c8fbd504ec1c532cbcd40628f892f8aff82695c15395b0d; Download | Favorite | View

Red Hat Security Advisory 2022-1476-01: Posted Apr 21, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1476-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.3 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which provide some security fixes and bug fixes. Issues addressed include an information leakage vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-0920, CVE-2021-23177, CVE-2021-23566, CVE-2021-31566, CVE-2021-3999, CVE-2021-41190, CVE-2021-4154, CVE-2021-43565, CVE-2021-45960, CVE-2021-46143, CVE-2022-0144, CVE-2022-0155, CVE-2022-0235, CVE-2022-0261, CVE-2022-0318, CVE-2022-0330, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0413, CVE-2022-0435, CVE-2022-0492, CVE-2022-0516, CVE-2022-0536, CVE-2022-0778, CVE-2022-0811, CVE-2022-0847, CVE-2022-22822; SHA-256 | 518f87bfae6ff4f29f3572832aa384efe8f2162ebac11f7d53caab2d6df42933; Download | Favorite | View

Red Hat Security Advisory 2022-1396-01: Posted Apr 20, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1396-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.; tags | advisory, web; systems | linux, redhat; advisories | CVE-2014-3577, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2020-25709, CVE-2020-25710, CVE-2021-0920, CVE-2021-20231, CVE-2021-20232, CVE-2021-21684, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-23177, CVE-2021-28153, CVE-2021-31566; SHA-256 | 9c6ace15db6cc4f4efff553e069be87d1d00778ed7287b08bb97673bf221855f; Download | Favorite | View

Red Hat Security Advisory 2022-1083-01: Posted Mar 29, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1083-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.8 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include an information leakage vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-0920, CVE-2021-23177, CVE-2021-23566, CVE-2021-31566, CVE-2021-3999, CVE-2021-4154, CVE-2021-45960, CVE-2021-46143, CVE-2022-0144, CVE-2022-0155, CVE-2022-0235, CVE-2022-0261, CVE-2022-0318, CVE-2022-0330, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0413, CVE-2022-0435, CVE-2022-0492, CVE-2022-0516, CVE-2022-0536, CVE-2022-0847, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825; SHA-256 | 9442197180deeb5f25977efd08ace4909b97f3f5729b4b0b9f276d27f078ba23; Download | Favorite | View

Red Hat Security Advisory 2022-1081-01: Posted Mar 28, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1081-01 - Gatekeeper Operator v0.2 Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include security updates, and container upgrades. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.; tags | advisory; systems | linux, redhat; advisories | CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2021-20231, CVE-2021-20232, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-23177, CVE-2021-28153, CVE-2021-31566, CVE-2021-3200, CVE-2021-33560, CVE-2021-3445, CVE-2021-3521, CVE-2021-3580, CVE-2021-36084; SHA-256 | 35e0984360562b4b8fbf9fe40fae589355479f6f0de58360c9bbc860cb6a290e; Download | Favorite | View

Red Hat Security Advisory 2022-1039-01: Posted Mar 24, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1039-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2020-25709, CVE-2020-25710, CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-45960, CVE-2021-46143, CVE-2022-1025, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-24407, CVE-2022-24730, CVE-2022-24731, CVE-2022-25235, CVE-2022-25236, CVE-2022-25315; SHA-256 | a3aa6dabb32b90d59c78082f139db0780896fec7f29703a5c21de22ea3a9a54a; Download | Favorite | View

Red Hat Security Advisory 2022-1041-01: Posted Mar 24, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1041-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-45960, CVE-2021-46143, CVE-2022-0261, CVE-2022-0318, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0413, CVE-2022-1025, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-24407, CVE-2022-24730, CVE-2022-24731, CVE-2022-25235, CVE-2022-25236; SHA-256 | 6445fba90799b01b872171494589c69dffa5557ff9ffa53f46f79a6cee9831a2; Download | Favorite | View

Red Hat Security Advisory 2022-1042-01: Posted Mar 24, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-1042-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include privilege escalation and traversal vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2020-25709, CVE-2020-25710, CVE-2021-23177, CVE-2021-31566, CVE-2021-3999, CVE-2021-45960, CVE-2021-46143, CVE-2022-0261, CVE-2022-0318, CVE-2022-0359, CVE-2022-0361, CVE-2022-0392, CVE-2022-0413, CVE-2022-0811, CVE-2022-1025, CVE-2022-22822, CVE-2022-22823, CVE-2022-22824, CVE-2022-22825, CVE-2022-22826, CVE-2022-22827, CVE-2022-23218, CVE-2022-23219, CVE-2022-23308, CVE-2022-23852, CVE-2022-24407, CVE-2022-24730; SHA-256 | 5265a1937f32a43b20d3f66c08e5c5c57fd157ff3cf351d7f38e42467527af1a; Download | Favorite | View

Red Hat Security Advisory 2022-0892-01: Posted Mar 15, 2022; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2022-0892-01 - The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file managers.; tags | advisory, python; systems | linux, redhat; advisories | CVE-2021-23177, CVE-2021-31566; SHA-256 | 686be55c0541c52f7228bb399f498ef4abc8ee622ecfeb33ac3cc160e6173af6; Download | Favorite | View

Ubuntu Security Notice USN-5291-1: Posted Feb 17, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5291-1 - It was discovered that libarchive incorrectly handled symlinks. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly use this issue to change modes, times, ACLs, and flags on arbitrary files. It was discovered that libarchive incorrectly handled certain RAR archives. If a user or automated system were tricked into processing a specially crafted RAR archive, an attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code.; tags | advisory, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2021-23177, CVE-2021-36976; SHA-256 | 4444b74c02c62c6e4ec7adcda07f165bfa1f82d815a4e9ed5717ef2db923bab8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 295 files
Ubuntu 58 files
Debian 33 files
Gentoo 32 files
LiquidWorm 10 files
Apple 9 files
malvuln 6 files
Adam Gowdiak 4 files
nu11secur1ty 4 files
Ahmet Umit Bayram 4 files

File Archives

Systems

AIX (429)
Apple (2,087)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,042)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (375)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,598)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,755)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,493)
UNIX (9,400)
UnixWare (187)
Windows (6,659)
Other

CVE-2021-23177

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems