Showing 1 - 2 of 2

CVE-2021-3344

Status Candidate

Overview

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This affects github.com/openshift/builder v0.0.0-20210125201112-7901cb396121 and before.

Related Files

Red Hat Security Advisory 2021-0428-01: Posted Mar 3, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0428-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a privilege escalation vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2021-3344; SHA-256 | b9ce790b067b7f1b30b7506e8562a60ed5b8b2aa99d61302c24633939ba16813; Download | Favorite | View

Red Hat Security Advisory 2021-0308-01: Posted Feb 8, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-0308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. Issues addressed include memory leak and privilege escalation vulnerabilities.; tags | advisory, vulnerability, memory leak; systems | linux, redhat; advisories | CVE-2015-8011, CVE-2016-2183, CVE-2020-14382, CVE-2021-20198, CVE-2021-3344; SHA-256 | dca033969dbad57e5b0b2d3a6a1dad57f3f1a39cd52810fbcbaa5225da1fd411; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 60 files
Debian 32 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
liquidsky 3 files
kai6u 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2021-3344

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems