CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20291

A deadlock vulnerability was found in 'github.com/containers/storage' in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.4%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 7.1

References

Products affected by CVE-2021-20291

Redhat » Openshift Container Platform » Version: 4.0

cpe:2.3:a:redhat:openshift_container_platform:4.0
Storage Project » Storage » Version: N/A

cpe:2.3:a:storage_project:storage:-
Storage Project » Storage » Version: 0.21.1

cpe:2.3:a:storage_project:storage:0.21.1
Storage Project » Storage » Version: 1.0

cpe:2.3:a:storage_project:storage:1.0
Storage Project » Storage » Version: 1.1

cpe:2.3:a:storage_project:storage:1.1
Storage Project » Storage » Version: 1.10

cpe:2.3:a:storage_project:storage:1.10
Storage Project » Storage » Version: 1.11

cpe:2.3:a:storage_project:storage:1.11
Storage Project » Storage » Version: 1.11.1

cpe:2.3:a:storage_project:storage:1.11.1
Storage Project » Storage » Version: 1.12.0

cpe:2.3:a:storage_project:storage:1.12.0
Storage Project » Storage » Version: 1.12.1

cpe:2.3:a:storage_project:storage:1.12.1
Storage Project » Storage » Version: 1.12.10

cpe:2.3:a:storage_project:storage:1.12.10
Storage Project » Storage » Version: 1.12.11

cpe:2.3:a:storage_project:storage:1.12.11
Storage Project » Storage » Version: 1.12.12

cpe:2.3:a:storage_project:storage:1.12.12
Storage Project » Storage » Version: 1.12.13

cpe:2.3:a:storage_project:storage:1.12.13
Storage Project » Storage » Version: 1.12.14

cpe:2.3:a:storage_project:storage:1.12.14
Storage Project » Storage » Version: 1.12.15

cpe:2.3:a:storage_project:storage:1.12.15
Storage Project » Storage » Version: 1.12.16

cpe:2.3:a:storage_project:storage:1.12.16
Storage Project » Storage » Version: 1.12.2

cpe:2.3:a:storage_project:storage:1.12.2
Storage Project » Storage » Version: 1.12.3

cpe:2.3:a:storage_project:storage:1.12.3
Storage Project » Storage » Version: 1.12.4

cpe:2.3:a:storage_project:storage:1.12.4
Storage Project » Storage » Version: 1.12.5

cpe:2.3:a:storage_project:storage:1.12.5
Storage Project » Storage » Version: 1.12.6

cpe:2.3:a:storage_project:storage:1.12.6
Storage Project » Storage » Version: 1.12.7

cpe:2.3:a:storage_project:storage:1.12.7
Storage Project » Storage » Version: 1.12.8

cpe:2.3:a:storage_project:storage:1.12.8
Storage Project » Storage » Version: 1.12.9

cpe:2.3:a:storage_project:storage:1.12.9
Storage Project » Storage » Version: 1.13.0

cpe:2.3:a:storage_project:storage:1.13.0
Storage Project » Storage » Version: 1.13.1

cpe:2.3:a:storage_project:storage:1.13.1
Storage Project » Storage » Version: 1.13.2

cpe:2.3:a:storage_project:storage:1.13.2
Storage Project » Storage » Version: 1.13.3

cpe:2.3:a:storage_project:storage:1.13.3
Storage Project » Storage » Version: 1.13.4

cpe:2.3:a:storage_project:storage:1.13.4
Storage Project » Storage » Version: 1.13.5

cpe:2.3:a:storage_project:storage:1.13.5
Storage Project » Storage » Version: 1.13.6

cpe:2.3:a:storage_project:storage:1.13.6
Storage Project » Storage » Version: 1.13.7

cpe:2.3:a:storage_project:storage:1.13.7
Storage Project » Storage » Version: 1.14.0

cpe:2.3:a:storage_project:storage:1.14.0
Storage Project » Storage » Version: 1.15.0

cpe:2.3:a:storage_project:storage:1.15.0
Storage Project » Storage » Version: 1.15.1

cpe:2.3:a:storage_project:storage:1.15.1
Storage Project » Storage » Version: 1.15.2

cpe:2.3:a:storage_project:storage:1.15.2
Storage Project » Storage » Version: 1.15.3

cpe:2.3:a:storage_project:storage:1.15.3
Storage Project » Storage » Version: 1.15.4

cpe:2.3:a:storage_project:storage:1.15.4
Storage Project » Storage » Version: 1.15.5

cpe:2.3:a:storage_project:storage:1.15.5
Storage Project » Storage » Version: 1.15.6

cpe:2.3:a:storage_project:storage:1.15.6
Storage Project » Storage » Version: 1.15.7

cpe:2.3:a:storage_project:storage:1.15.7
Storage Project » Storage » Version: 1.15.8

cpe:2.3:a:storage_project:storage:1.15.8
Storage Project » Storage » Version: 1.16.0

cpe:2.3:a:storage_project:storage:1.16.0
Storage Project » Storage » Version: 1.16.1

cpe:2.3:a:storage_project:storage:1.16.1
Storage Project » Storage » Version: 1.16.2

cpe:2.3:a:storage_project:storage:1.16.2
Storage Project » Storage » Version: 1.16.3

cpe:2.3:a:storage_project:storage:1.16.3
Storage Project » Storage » Version: 1.16.4

cpe:2.3:a:storage_project:storage:1.16.4
Storage Project » Storage » Version: 1.16.5

cpe:2.3:a:storage_project:storage:1.16.5
Storage Project » Storage » Version: 1.16.6

cpe:2.3:a:storage_project:storage:1.16.6
Storage Project » Storage » Version: 1.17.0

cpe:2.3:a:storage_project:storage:1.17.0
Storage Project » Storage » Version: 1.18.0

cpe:2.3:a:storage_project:storage:1.18.0
Storage Project » Storage » Version: 1.18.1

cpe:2.3:a:storage_project:storage:1.18.1
Storage Project » Storage » Version: 1.18.2

cpe:2.3:a:storage_project:storage:1.18.2
Storage Project » Storage » Version: 1.19.0

cpe:2.3:a:storage_project:storage:1.19.0
Storage Project » Storage » Version: 1.19.1

cpe:2.3:a:storage_project:storage:1.19.1
Storage Project » Storage » Version: 1.19.2

cpe:2.3:a:storage_project:storage:1.19.2
Storage Project » Storage » Version: 1.2

cpe:2.3:a:storage_project:storage:1.2
Storage Project » Storage » Version: 1.20.1

cpe:2.3:a:storage_project:storage:1.20.1
Storage Project » Storage » Version: 1.20.2

cpe:2.3:a:storage_project:storage:1.20.2
Storage Project » Storage » Version: 1.20.3

cpe:2.3:a:storage_project:storage:1.20.3
Storage Project » Storage » Version: 1.20.4

cpe:2.3:a:storage_project:storage:1.20.4
Storage Project » Storage » Version: 1.20.5

cpe:2.3:a:storage_project:storage:1.20.5
Storage Project » Storage » Version: 1.21.0

cpe:2.3:a:storage_project:storage:1.21.0
Storage Project » Storage » Version: 1.21.1

cpe:2.3:a:storage_project:storage:1.21.1
Storage Project » Storage » Version: 1.21.2

cpe:2.3:a:storage_project:storage:1.21.2
Storage Project » Storage » Version: 1.22.0

cpe:2.3:a:storage_project:storage:1.22.0
Storage Project » Storage » Version: 1.23.0

cpe:2.3:a:storage_project:storage:1.23.0
Storage Project » Storage » Version: 1.23.1

cpe:2.3:a:storage_project:storage:1.23.1
Storage Project » Storage » Version: 1.23.2

cpe:2.3:a:storage_project:storage:1.23.2
Storage Project » Storage » Version: 1.23.3

cpe:2.3:a:storage_project:storage:1.23.3
Storage Project » Storage » Version: 1.23.4

cpe:2.3:a:storage_project:storage:1.23.4
Storage Project » Storage » Version: 1.23.5

cpe:2.3:a:storage_project:storage:1.23.5
Storage Project » Storage » Version: 1.23.6

cpe:2.3:a:storage_project:storage:1.23.6
Storage Project » Storage » Version: 1.23.7

cpe:2.3:a:storage_project:storage:1.23.7
Storage Project » Storage » Version: 1.23.8

cpe:2.3:a:storage_project:storage:1.23.8
Storage Project » Storage » Version: 1.23.9

cpe:2.3:a:storage_project:storage:1.23.9
Storage Project » Storage » Version: 1.24.0

cpe:2.3:a:storage_project:storage:1.24.0
Storage Project » Storage » Version: 1.24.1

cpe:2.3:a:storage_project:storage:1.24.1
Storage Project » Storage » Version: 1.24.2

cpe:2.3:a:storage_project:storage:1.24.2
Storage Project » Storage » Version: 1.24.3

cpe:2.3:a:storage_project:storage:1.24.3
Storage Project » Storage » Version: 1.24.4

cpe:2.3:a:storage_project:storage:1.24.4
Storage Project » Storage » Version: 1.24.5

cpe:2.3:a:storage_project:storage:1.24.5
Storage Project » Storage » Version: 1.24.6

cpe:2.3:a:storage_project:storage:1.24.6
Storage Project » Storage » Version: 1.24.7

cpe:2.3:a:storage_project:storage:1.24.7
Storage Project » Storage » Version: 1.24.8

cpe:2.3:a:storage_project:storage:1.24.8
Storage Project » Storage » Version: 1.25.0

cpe:2.3:a:storage_project:storage:1.25.0
Storage Project » Storage » Version: 1.26.0

cpe:2.3:a:storage_project:storage:1.26.0
Storage Project » Storage » Version: 1.27.0

cpe:2.3:a:storage_project:storage:1.27.0
Storage Project » Storage » Version: 1.28.0

cpe:2.3:a:storage_project:storage:1.28.0
Storage Project » Storage » Version: 1.3

cpe:2.3:a:storage_project:storage:1.3
Storage Project » Storage » Version: 1.4

cpe:2.3:a:storage_project:storage:1.4
Storage Project » Storage » Version: 1.5

cpe:2.3:a:storage_project:storage:1.5
Storage Project » Storage » Version: 1.6

cpe:2.3:a:storage_project:storage:1.6
Storage Project » Storage » Version: 1.7

cpe:2.3:a:storage_project:storage:1.7
Storage Project » Storage » Version: 1.8

cpe:2.3:a:storage_project:storage:1.8
Storage Project » Storage » Version: 1.9

cpe:2.3:a:storage_project:storage:1.9
Fedoraproject » Fedora » Version: 33

cpe:2.3:o:fedoraproject:fedora:33
Fedoraproject » Fedora » Version: 34

cpe:2.3:o:fedoraproject:fedora:34
Redhat » Enterprise Linux » Version: 8.0

cpe:2.3:o:redhat:enterprise_linux:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-20291

Products

Pricing

Contact Us