VDB
CVE-2021-29133
CVE-2021-29133
PUBLISHED
CVSS 2.0999999046325684 LOW
Lack of verification in haserl, a component of Alpine Linux Configuration Framework, before 0.9.36 allows local users to read the contents of any file on the filesystem.
EPSS 1.95% · 83.8th percentile
Risk Scores
CVSS v2.0
2.0999999046325684
EPSS Score
1.95%
83.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| haserl_project | haserl | 0 |
Timeline
- Mar 24, 2021 CVE Published
- Apr 9, 2021 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 22, 2021 EPSS Score
- Sep 14, 2021 EPSS Score
- Sep 16, 2021 EPSS Score
- Oct 25, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 27, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 2, 2022 EPSS Score
References
- https://github.com/rapid7/metasploit-framework/pull/14833 url
- https://gitlab.alpinelinux.org/alpine/aports/-/issues/12539 url
- https://twitter.com/steaIth/status/1364940271054712842 url
- https://github.com/rapid7/metasploit-framework/pull/14833/commits/5bf6b2d094deb22fa8183ce161b90cbe4fd40a70 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-29133 advisory