A directory traversal vulnerability was found in the ClairCore engine of Clair. An attacker can exploit this by supplying a crafted container image which, when scanned by Clair, allows for arbitrary file write on the filesystem, potentially allowing for remote code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat clair |
||
redhat quay 3.5.6 |