Lucene search
PRIOn knowledge basePRION:CVE-2021-20319HistoryMar 04, 2022 - 6:15 p.m.
Design/Logic Flaw
2022-03-0418:15:00
PRIOn knowledge base
www.prio-n.com
4
An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image can write arbitrary data, and achieve full access to the node being installed.
| CPE | Name | Operator | Version |
|---|---|---|---|
| coreos-installer | lt | 0.10.1 |
Related
nessus
nessus
RHEL 8 : OpenShift Container Platform 4.7.36 (RHSA-2021:3930)
2021-10-28 00:00:00
RHEL 8 : OpenShift Container Platform 4.8.17 (RHSA-2021:3926)
2021-10-28 00:00:00
RHEL 8 : OpenShift Container Platform 4.6.49 (RHSA-2021:4008)
2021-11-06 00:00:00
nvd
nvd
CVE-2021-20319
2022-03-04 18:15:08
redhat
redhat
cve
cve
CVE-2021-20319
2022-03-04 18:15:08
cvelist
cvelist
CVE-2021-20319
2022-03-04 17:05:50
openvas
openvas
Fedora: Security Advisory for rust-coreos-installer (FEDORA-2021-23fed0cab4)
2021-10-30 00:00:00
Fedora: Security Advisory for rust-coreos-installer (FEDORA-2021-449a2bdaf3)
2021-10-21 00:00:00
Fedora: Security Advisory for rust-coreos-installer (FEDORA-2021-3d52eb54ca)
2021-10-21 00:00:00
github
github
fedora
fedora
[SECURITY] Fedora 33 Update: rust-coreos-installer-0.10.1-2.fc33
2021-10-20 19:26:43
[SECURITY] Fedora 35 Update: rust-coreos-installer-0.10.1-1.fc35
2021-10-29 23:25:08
[SECURITY] Fedora 34 Update: rust-coreos-installer-0.10.1-1.fc34
2021-10-20 19:23:35
veracode
veracode
Incorrect Signature Verification
2021-11-01 23:51:05
osv
osv
coreos-installer improperly verifies GPG signature when decompressing gzipped artifact
2021-10-12 16:06:47
CVE-2021-20319
2022-03-04 18:15:08
redhatcve
redhatcve
CVE-2021-20319
2021-10-11 05:12:25