When the isula load command is used to load malicious images, attackers can execute arbitrary code.
References
Configurations
Configuration 1 (hide)
|
History
09 Sep 2024, 15:35
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-94 |
08 Nov 2023, 14:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:openeuler:isula:2.1.2:*:*:*:*:*:*:* cpe:2.3:a:openeuler:isula:2.0.18-10:*:*:*:*:*:*:* cpe:2.3:a:openeuler:isula:2.0.8-20210518.144540:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
First Time |
Openeuler isula
Openeuler |
|
References | (MISC) https://gitee.com/src-openeuler/iSulad/pulls/627/files - Patch | |
References | (MISC) https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2023-1686 - Vendor Advisory | |
References | (MISC) https://gitee.com/src-openeuler/iSulad/pulls/600/files - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
29 Oct 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-10-29 08:15
Updated : 2024-09-09 15:35
NVD link : CVE-2021-33636
Mitre link : CVE-2021-33636
CVE.ORG link : CVE-2021-33636
JSON object : View
Products Affected
openeuler
- isula
CWE
NVD-CWE-noinfo
CWE-665
Improper Initialization
CWE-94Improper Control of Generation of Code ('Code Injection')