F5 BIG-IP, REST Framework Logging Security Vulnerabilities

CVE-2024-3177 vulnerabilities

Vulnerabilities for packages: spark-operator, kubeflow-pipelines, nodetaint, aws-ebs-csi-driver, local-static-provisioner, kubernetes-csi-driver-hostpath, cluster-autoscaler, kubernetes-dns-node-cache, calico, kubernetes, ip-masq-agent,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: tctl, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, prometheus-stackdriver-exporter, istio-envoy, cue, oauth2-proxy, buildkitd, keda, pulumi, metacontroller, ollama, nginx-mainline, nvidia-device-plugin, prometheus, coredns, hugo, argo-cd,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, hugo-extended, aactl, nri-discovery-kubernetes, terraform, skopeo, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, cass-operator, istio-pilot-discovery,....

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, kubernetes-csi-livenessprobe, prometheus-stackdriver-exporter, direnv, nri-nagios, pulumi, prometheus-pushgateway, k8sgpt, terragrunt, trivy, flyte, nri-mongodb, hello-world-golang,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: crossplane, kubernetes-csi-external-resizer, aactl, skopeo, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, wave, kyverno-policy-reporter-kyverno-plugin, guac, rekor, cue, harbor-scanner-trivy, oauth2-proxy, rclone, spegel, direnv, buildkitd,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: crossplane, kubernetes-csi-external-resizer, aactl, skopeo, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, wave, kyverno-policy-reporter-kyverno-plugin, guac, rekor, cue, harbor-scanner-trivy, oauth2-proxy, rclone, spegel, direnv, buildkitd,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: grpcurl, nsc, oras, hey, wait-for-port, aactl, nri-discovery-kubernetes, metrics-server, sonobuoy, dgraph, docker-cli, prometheus-stackdriver-exporter, cass-operator, kind, go-licenses, gops, cilium-envoy, gosu, protoc-gen-go-grpc, amass, k3d, cni-plugins,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: tctl, kubernetes-csi-external-resizer, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, cue, oauth2-proxy, buildkitd, keda, pulumi, prometheus-alertmanager, prometheus-pushgateway,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, hugo-extended, aactl, nri-discovery-kubernetes, terraform, skopeo, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, cass-operator, istio-pilot-discovery,....

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, kubernetes-csi-livenessprobe, prometheus-stackdriver-exporter, direnv, nri-nagios, pulumi, prometheus-pushgateway, k8sgpt, terragrunt, trivy, flyte, nri-mongodb, hello-world-golang,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: crossplane, kubernetes-csi-external-resizer, aactl, skopeo, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, wave, kyverno-policy-reporter-kyverno-plugin, guac, rekor, cue, harbor-scanner-trivy, oauth2-proxy, rclone, spegel, direnv, buildkitd,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: tctl, kubernetes-csi-external-resizer, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, istio-pilot-discovery, cue, oauth2-proxy, istio-cni, buildkitd, keda, pulumi,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

CVE-2023-5528 vulnerabilities

Vulnerabilities for packages: spark-operator, nodetaint, aws-ebs-csi-driver, prometheus-adapter, cluster-autoscaler, kubernetes-dns-node-cache, calico, ip-masq-agent,...

GHSA-HQ6Q-C2X6-HMCH vulnerabilities

Vulnerabilities for packages: spark-operator, nodetaint, aws-ebs-csi-driver, prometheus-adapter, cluster-autoscaler, kubernetes-dns-node-cache, calico, ip-masq-agent,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: grpcurl, nsc, oras, hey, wait-for-port, aactl, nri-discovery-kubernetes, metrics-server, sonobuoy, dgraph, docker-cli, prometheus-stackdriver-exporter, cass-operator, kind, go-licenses, gops, cilium-envoy, gosu, protoc-gen-go-grpc, amass, k3d, cni-plugins,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: grpcurl, nsc, oras, hey, wait-for-port, aactl, nri-discovery-kubernetes, metrics-server, sonobuoy, dgraph, docker-cli, prometheus-stackdriver-exporter, cass-operator, kind, go-licenses, gops, cilium-envoy, gosu, protoc-gen-go-grpc, amass, k3d, cni-plugins,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: grpcurl, nsc, oras, hey, wait-for-port, aactl, nri-discovery-kubernetes, metrics-server, sonobuoy, dgraph, docker-cli, prometheus-stackdriver-exporter, cass-operator, kind, go-licenses, gops, cilium-envoy, gosu, protoc-gen-go-grpc, amass, k3d, cni-plugins,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: tctl, kubernetes-csi-external-resizer, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, istio-pilot-discovery, cue, oauth2-proxy, istio-cni, buildkitd, keda, pulumi,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: tctl, kubernetes-csi-external-resizer, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, prometheus-stackdriver-exporter, cue, oauth2-proxy, buildkitd, keda, pulumi, prometheus-alertmanager, prometheus-pushgateway,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: tctl, aactl, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, prometheus-stackdriver-exporter, istio-envoy, cue, oauth2-proxy, buildkitd, keda, pulumi, metacontroller, ollama, nginx-mainline, nvidia-device-plugin, prometheus, coredns, hugo, argo-cd,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: crossplane, kubernetes-csi-external-resizer, aactl, skopeo, kubernetes-csi-livenessprobe, crossplane-provider-aws, src, wave, kyverno-policy-reporter-kyverno-plugin, guac, rekor, cue, harbor-scanner-trivy, oauth2-proxy, rclone, spegel, direnv, buildkitd,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: tctl, crossplane, kubernetes-csi-external-resizer, esbuild, nri-discovery-kubernetes, terraform, memcached-exporter, kubernetes-csi-livenessprobe, src, cass-operator, kyverno-policy-reporter-kyverno-plugin, cue, protoc-gen-go-grpc, supercronic, direnv, buildkitd,...

GHSA-PXHW-596R-RWQ5 vulnerabilities

Vulnerabilities for packages: spark-operator, kubeflow-pipelines, nodetaint, aws-ebs-csi-driver, local-static-provisioner, kubernetes-csi-driver-hostpath, cluster-autoscaler, kubernetes-dns-node-cache, calico, kubernetes, ip-masq-agent,...

palmharborhomes.com Cross Site Scripting vulnerability OBB-3928954

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

pajooheshbama.com Cross Site Scripting vulnerability OBB-3928953

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

oas.psu.ac.th Cross Site Scripting vulnerability OBB-3928950

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

ncase.ro Cross Site Scripting vulnerability OBB-3928947

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

naturavetal.de Cross Site Scripting vulnerability OBB-3928945

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

myautolux.com Cross Site Scripting vulnerability OBB-3928942

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

millanpatterson.com Cross Site Scripting vulnerability OBB-3928938

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

mair-research.com Cross Site Scripting vulnerability OBB-3928934

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

lskh.digital Cross Site Scripting vulnerability OBB-3928933

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

macaujc.com.mo Cross Site Scripting vulnerability OBB-3928932

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

literaryroadhouse.com Cross Site Scripting vulnerability OBB-3928929

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

lalozerenouvelle.com Cross Site Scripting vulnerability OBB-3928928

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

labelflexinc.com Cross Site Scripting vulnerability OBB-3928926

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

jph.us Cross Site Scripting vulnerability OBB-3928924

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

jmcmachines.com Cross Site Scripting vulnerability OBB-3928920

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

royaltaxi.me Cross Site Scripting vulnerability OBB-3928918

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

jimmybrittchevrolet.com Cross Site Scripting vulnerability OBB-3928919

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

A week in security (May 13 – May 19)

Last week on Malwarebytes Labs: Deleted iPhone photos show up again after iOS update Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it Notorious data leak site BreachForums seized by law enforcement Apple and Google join forces to stop unwanted tracking...