CVE-2021-29482

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 19-08-2020 02:00

Last modified: - 19-08-2020 02:00

Total changes: - 21

Description

CVE-2021-29482 ulikunitz/xz: Infinite loop in readUvarint allows for denial of service

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

7.5

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=oadp/oadp-velero-plugin-rhel8 AND versionEndExcluding=1.0.1-5

vendor=Red Hat Enterprise Linux AND product=openshift_api_data_protection AND version=1.0

AND

product=servicemesh-0 AND versionEndExcluding=2.0.9-3.el8

vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=2.0

AND

product=rhacm2/cluster-curator-controller-rhel8 AND versionEndExcluding=v2.3.0-41

vendor=Red Hat Enterprise Linux AND product=acm AND version=2.3

AND

product=rhacm2/multicloud-manager-rhel8 AND versionEndExcluding=v2.3.0-69

vendor=Red Hat Enterprise Linux AND product=acm AND version=2.3

AND

product=rhacm2/multiclusterhub-rhel8 AND versionEndExcluding=v2.3.0-106

vendor=Red Hat Enterprise Linux AND product=acm AND version=2.3

AND

product=rhacm2/multicluster-operators-application-rhel8 AND versionEndExcluding=v2.3.0-39

vendor=Red Hat Enterprise Linux AND product=acm AND version=2.3

AND

product=rhacm2/search-collector-rhel8 AND versionEndExcluding=v2.3.0-52

vendor=Red Hat Enterprise Linux AND product=acm AND version=2.3

AND

product=rhosp-rhel8-tech-preview/osp-director-operator AND versionEndExcluding=1.2.3-2

vendor=Red Hat Enterprise Linux AND product=openstack AND version=16.2

AND

product=container-native-virtualization/bridge-marker AND versionEndExcluding=v4.8.0-17

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/cluster-network-addons-operator AND versionEndExcluding=v4.8.0-28

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/cnv-containernetworking-plugins AND versionEndExcluding=v4.8.0-14

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/cnv-must-gather-rhel8 AND versionEndExcluding=v4.8.0-50

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/hco-bundle-registry AND versionEndExcluding=v4.8.0-451

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/hostpath-provisioner-rhel8 AND versionEndExcluding=v4.8.0-14

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/hostpath-provisioner-rhel8-operator AND versionEndExcluding=v4.8.0-17

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/hyperconverged-cluster-operator AND versionEndExcluding=v4.8.0-62

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/hyperconverged-cluster-webhook-rhel8 AND versionEndExcluding=v4.8.0-62

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/kubemacpool AND versionEndExcluding=v4.8.0-22

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/kubernetes-nmstate-handler-rhel8 AND versionEndExcluding=v4.8.0-21

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/kubevirt-ssp-operator AND versionEndExcluding=v4.8.0-41

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/kubevirt-template-validator AND versionEndExcluding=v4.8.0-9

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/kubevirt-v2v-conversion AND versionEndExcluding=v4.8.0-10

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/kubevirt-vmware AND versionEndExcluding=v4.8.0-11

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/node-maintenance-operator AND versionEndExcluding=v4.8.0-19

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/ovs-cni-marker AND versionEndExcluding=v4.8.0-17

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/ovs-cni-plugin AND versionEndExcluding=v4.8.0-17

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-api AND versionEndExcluding=v4.8.0-67

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-apiserver AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-cloner AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-controller AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-importer AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-operator AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-uploadproxy AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-cdi-uploadserver AND versionEndExcluding=v4.8.0-25

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-controller AND versionEndExcluding=v4.8.0-67

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-handler AND versionEndExcluding=v4.8.0-67

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virtio-win AND versionEndExcluding=v4.8.0-9

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-launcher AND versionEndExcluding=v4.8.0-67

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/virt-operator AND versionEndExcluding=v4.8.0-67

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/vm-import-controller AND versionEndExcluding=v4.8.0-18

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/vm-import-controller-rhel8 AND versionEndExcluding=v4.8.0-18

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/vm-import-operator-rhel8 AND versionEndExcluding=v4.8.0-18

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=container-native-virtualization/vm-import-virtv2v-rhel8 AND versionEndExcluding=v4.8.0-18

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=4.8

AND

product=openshift-migration-plugin-container AND version=

vendor=Red Hat Enterprise Linux AND product=rhmt

AND

product=multicloud-operators-application-container AND version=

vendor=Red Hat Enterprise Linux AND product=acm AND version=2

AND

product=multicloud-operators-channel-container AND version=

vendor=Red Hat Enterprise Linux AND product=acm AND version=2

AND

product=rhacm2/openshift-hive-rhel7 AND version=

vendor=Red Hat Enterprise Linux AND product=acm AND version=2

AND

product=rhacm2/openshift-hive-rhel8 AND version=

vendor=Red Hat Enterprise Linux AND product=acm AND version=2

AND

product=buildah AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=openshift4/cnf-tests-rhel8 AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=openshift4/ose-baremetal-installer-rhel8 AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=openshift4/ose-baremetal-machine-controllers AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=openshift4/ose-installer AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=openshift4/ose-installer-artifacts AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=podman AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=skopeo AND version=

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4

AND

product=virt-cdi-importer-container AND version=

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2

AND

product=virt-cdi-uploadserver-container AND version=

vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2

AND

product=osp-director-provisioner-container AND version=

vendor=Red Hat Enterprise Linux AND product=openstack AND version=16.2

AND

product=rhosp-beta-rhel8/osp-director-downloader AND version=

vendor=Red Hat Enterprise Linux AND product=openstack AND version=16.2

AND

product=rhosp-rhel8-tech-preview/osp-director-downloader AND version=

vendor=Red Hat Enterprise Linux AND product=openstack AND version=16.2

AND

product=quay/clair-rhel8 AND version=

vendor=Red Hat Enterprise Linux AND product=quay AND version=3

AND

product=quay/quay-builder-rhel8 AND version=

vendor=Red Hat Enterprise Linux AND product=quay AND version=3

AND

product=quay/quay-operator-rhel8 AND version=

vendor=Red Hat Enterprise Linux AND product=quay AND version=3

Reference

Keywords

REDHAT

CVE-2021-29482

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.