CVE-2021-29136
CVE-2021-29136 affects Open Container Initiative tool umoci before 0.4.7. A crafted image can trigger symlink traversal during “umoci unpack” or “umoci raw unpack,” allowing an attacker to overwrite arbitrary host paths by manipulating the layer’s contents. Several advisories (openSUSE/SUSE) docu...