{"containers":{"cna":{"affected":[{"product":"atomic-openshift","vendor":"Red Hat, Inc.","versions":[{"status":"affected","version":"as shipped with Openshift Enterprise 3.x"}]}],"datePublic":"2018-03-29T00:00:00.000Z","descriptions":[{"lang":"en","value":"A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. An improper path validation of tar files in ExtractTarStreamFromTarReader in tar/tar.go leads to privilege escalation."}],"problemTypes":[{"descriptions":[{"cweId":"CWE-20","description":"CWE-20","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2019-01-09T10:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2018:1235","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1235"},{"name":"RHSA-2018:1241","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1241"},{"name":"RHSA-2018:1233","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1233"},{"name":"RHSA-2019:0036","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2019:0036"},{"name":"RHSA-2018:1237","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1237"},{"name":"RHSA-2018:1227","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1227"},{"name":"RHSA-2018:1243","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1243"},{"name":"RHSA-2018:1231","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1231"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1562246"},{"name":"RHSA-2018:1229","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1229"},{"name":"RHSA-2018:1239","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"https://access.redhat.com/errata/RHSA-2018:1239"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T03:51:49.044Z"},"title":"CVE Program Container","references":[{"name":"RHSA-2018:1235","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1235"},{"name":"RHSA-2018:1241","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1241"},{"name":"RHSA-2018:1233","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1233"},{"name":"RHSA-2019:0036","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2019:0036"},{"name":"RHSA-2018:1237","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1237"},{"name":"RHSA-2018:1227","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1227"},{"name":"RHSA-2018:1243","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1243"},{"name":"RHSA-2018:1231","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1231"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1562246"},{"name":"RHSA-2018:1229","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1229"},{"name":"RHSA-2018:1239","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2018:1239"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2018-1102","dateReserved":"2017-12-04T00:00:00.000Z","dateUpdated":"2024-08-05T03:51:49.044Z","state":"PUBLISHED","datePublished":"2018-04-30T19:00:00.000Z"},"dataType":"CVE_RECORD","dataVersion":"5.1"}