what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 20 of 20 RSS Feed

CVE-2021-3521

Status Candidate

Overview

There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a primary key via a "binding signature." RPM does not check the binding signature of subkeys prior to importing them. If an attacker is able to add or socially engineer another party to add a malicious subkey to a legitimate public key, RPM could wrongly trust a malicious signature. The greatest impact of this flaw is to data integrity. To exploit this flaw, an attacker must either compromise an RPM repository or convince an administrator to install an untrusted RPM or public key. It is strongly recommended to only use RPMs and public keys from trusted sources.

Related Files

Gentoo Linux Security Advisory 202210-22
Posted Oct 31, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-22 - Multiple vulnerabilities have been found in RPM, the worst of which could lead to root privilege escalation. Versions less than 4.18.0 are affected.

tags | advisory, root, vulnerability
systems | linux, gentoo
advisories | CVE-2021-3521, CVE-2021-35937, CVE-2021-35938, CVE-2021-35939
SHA-256 | 8c1ffb54a8729a67c5d3316994d62c0907b691c9e3c843159b99c8eea50d4c28
Red Hat Security Advisory 2022-0577-01
Posted Mar 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0577-01 - Windows Container Support for Red Hat OpenShift allows you to deploy Windows container workloads running on Windows Server containers.

tags | advisory
systems | linux, redhat, windows
advisories | CVE-2020-28851, CVE-2020-28852, CVE-2021-29923, CVE-2021-3121, CVE-2021-31525, CVE-2021-33195, CVE-2021-33197, CVE-2021-33198, CVE-2021-34558, CVE-2021-3521, CVE-2021-36221, CVE-2021-3712, CVE-2021-42574, CVE-2022-24407
SHA-256 | 46a08de5d03a31ae3c0835a6727df01e33108a18746235e493a42ff7c3841cd4
Red Hat Security Advisory 2022-1081-01
Posted Mar 28, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1081-01 - Gatekeeper Operator v0.2 Gatekeeper is an open source project that applies the OPA Constraint Framework to enforce policies on your Kubernetes clusters. This advisory contains the container images for Gatekeeper that include security updates, and container upgrades. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2021-20231, CVE-2021-20232, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-23177, CVE-2021-28153, CVE-2021-31566, CVE-2021-3200, CVE-2021-33560, CVE-2021-3445, CVE-2021-3521, CVE-2021-3580, CVE-2021-36084
SHA-256 | 35e0984360562b4b8fbf9fe40fae589355479f6f0de58360c9bbc860cb6a290e
Red Hat Security Advisory 2022-1051-01
Posted Mar 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-1051-01 - This version of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.6, 4.7, 4.8, 4.9, and 4.10, includes security and bug fixes and enhancements. For more information, see the documentation listed in the References section.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-3712, CVE-2021-44716, CVE-2021-44717, CVE-2022-21248, CVE-2022-21277, CVE-2022-21282, CVE-2022-21283, CVE-2022-21291, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-21366, CVE-2022-24407
SHA-256 | 2e0da9ea18b09e17e6e69fc9a2810e91ca82a2afeb79f59f84f8be4e4caa9768
Red Hat Security Advisory 2022-0842-01
Posted Mar 15, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0842-01 - Red Hat OpenStack Platform 16.2 (Train) director Operator containers are available for technology preview. A security fix for golang was added.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-12762, CVE-2020-13435, CVE-2020-14155, CVE-2020-16135, CVE-2020-24370, CVE-2021-20231, CVE-2021-20232, CVE-2021-22876, CVE-2021-22898, CVE-2021-22925, CVE-2021-27645, CVE-2021-28153, CVE-2021-3200, CVE-2021-33560, CVE-2021-33574, CVE-2021-3426, CVE-2021-3445, CVE-2021-3521, CVE-2021-3572
SHA-256 | 80b74ed477449b078e64bfe4b351cf3ae8952086a5b337aeaac32eb932f1b39e
Red Hat Security Advisory 2022-0595-02
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0595-02 - Red Hat Advanced Cluster Management for Kubernetes 2.3.6 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include an information leakage vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-25704, CVE-2020-36322, CVE-2021-20321, CVE-2021-23566, CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-42739, CVE-2021-43565, CVE-2022-0155, CVE-2022-0185, CVE-2022-20612, CVE-2022-20617
SHA-256 | 2598df9c773007328e30775692ba0a74b35fca2f6cdbd52f2b81faf7636ae67b
Red Hat Security Advisory 2022-0735-01
Posted Mar 4, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0735-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.2 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Issues addressed include denial of service, open redirection, privilege escalation, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2021-22963, CVE-2021-3521, CVE-2021-3712, CVE-2021-3807, CVE-2021-3872, CVE-2021-3918, CVE-2021-3984, CVE-2021-4019, CVE-2021-4034, CVE-2021-41089, CVE-2021-41091, CVE-2021-4122, CVE-2021-4155, CVE-2021-4192, CVE-2021-4193, CVE-2021-42574, CVE-2021-43565, CVE-2021-43816, CVE-2021-43858, CVE-2022-0185, CVE-2022-0235, CVE-2022-24407, CVE-2022-24450
SHA-256 | 0f428578537f68dfaf14cf427f755f1edf5314f8b08ecb6c1be275b4a8bd343e
Red Hat Security Advisory 2022-0721-01
Posted Mar 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0721-01 - OpenShift Logging bug fix and security update.

tags | advisory
systems | linux, redhat
advisories | CVE-2020-28491, CVE-2021-3521, CVE-2021-3872, CVE-2021-3984, CVE-2021-4019, CVE-2021-4122, CVE-2021-4192, CVE-2021-4193, CVE-2022-0552
SHA-256 | 56465dbe0e309c51d9cad7b5c9b7d5b98496363cb3901f6639e5d9fa006dc7fe
Red Hat Security Advisory 2022-0687-01
Posted Mar 1, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0687-01 - OpenShift API for Data Protection enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-29482, CVE-2021-3521, CVE-2021-41190, CVE-2021-4122
SHA-256 | 2d3f8766f4f08c404e5c5f3eabe6435b0dbdde93b6a4a7e79ad278062cd70ff5
Red Hat Security Advisory 2022-0634-01
Posted Feb 23, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0634-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521
SHA-256 | 028fc173bb2966a04fa3d31241dc22ab17f70bf1d0e53ca3714acef166afb038
Red Hat Security Advisory 2022-0585-01
Posted Feb 22, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0585-01 - Service Telemetry Framework provides automated collection of measurements and data from remote clients, such as Red Hat OpenStack Platform or third-party nodes. STF then transmits the information to a centralized, receiving Red Hat OpenShift Container Platform deployment for storage, retrieval, and monitoring.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-44716
SHA-256 | e3736ed038216370a7604f5c59b16e7473f02dc6af7d9e7b2156673cde467d8b
Red Hat Security Advisory 2022-0492-01
Posted Feb 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0492-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.43.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20206, CVE-2021-3521, CVE-2021-4034, CVE-2022-20612, CVE-2022-20617, CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-23094
SHA-256 | 05aecb754e5832077aaa2ae3980ca42cf63ce1fddf63c16a0324164d48232f01
Red Hat Security Advisory 2022-0485-01
Posted Feb 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0485-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.8.31. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-44832, CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | 6f7bd6a883143556684328257cb36296db70ecbaa5b3867d62347e1a663d11ae
Red Hat Security Advisory 2022-0493-01
Posted Feb 17, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0493-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.43. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-44832, CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365
SHA-256 | 9e7d944ca54beda01b236743b077feee00182de5b6e1edb6db7cecabd0e71943
Red Hat Security Advisory 2022-0477-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0477-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2022-24348
SHA-256 | c2f6f6959c2687261189ed0f694c49adcf1a1884ed06355be1e0c16913ce6cc8
Red Hat Security Advisory 2022-0476-01
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0476-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a traversal vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-3712, CVE-2021-3872, CVE-2021-3984, CVE-2021-4019, CVE-2021-4122, CVE-2021-4192, CVE-2021-4193, CVE-2022-24348
SHA-256 | 929378052a3a411f8efbf9599d884f20c434cba232af8d52e55c49760a05849e
Red Hat Security Advisory 2022-0444-03
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0444-03 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.4.10 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-3872, CVE-2021-3984, CVE-2021-4019, CVE-2021-4104, CVE-2021-4122, CVE-2021-4192, CVE-2021-4193, CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 01d61577c054fdc6811e8c973157ed1965b0a35a1a548c43587e56e55dda446a
Red Hat Security Advisory 2022-0445-02
Posted Feb 9, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0445-02 - Red Hat Single Sign-On is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat Single Sign-On for OpenShift image provides an authentication server that you can use to log in centrally, log out, and register. You can also manage user accounts for web applications, mobile applications, and RESTful web services. This erratum releases a new image for Red Hat Single Sign-On 7.4.10 for use within the OpenShift Container Platform 3.10, OpenShift Container Platform 3.11, and within the OpenShift Container Platform 4.3 cloud computing Platform-as-a-Service for on-premise or private cloud deployments, aligning with the standalone product release. Issues addressed include code execution, deserialization, and remote SQL injection vulnerabilities.

tags | advisory, remote, web, vulnerability, code execution, sql injection
systems | linux, redhat
advisories | CVE-2021-3521, CVE-2021-3872, CVE-2021-3984, CVE-2021-4019, CVE-2021-4104, CVE-2021-4122, CVE-2021-4192, CVE-2021-4193, CVE-2022-21248, CVE-2022-21282, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21296, CVE-2022-21299, CVE-2022-21305, CVE-2022-21340, CVE-2022-21341, CVE-2022-21360, CVE-2022-21365, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307
SHA-256 | 68b598130715c8ab77692afc87a417dc1d35cc928552fc589ae55707f5cd6fa5
Red Hat Security Advisory 2022-0368-03
Posted Feb 2, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0368-03 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521
SHA-256 | 7ce852fca24a99538a9b17e648c4fe3e22c89dd397ce5fa0fdd2097a2f1b8a4f
Red Hat Security Advisory 2022-0254-03
Posted Jan 25, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-0254-03 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-3521
SHA-256 | da1bfa6d46bd6466de03cbf646bf958121c32d1cd4a28ca17e40cc8d7160b4a6
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close