Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2021:3653
HistorySep 23, 2021 - 2:58 p.m.

(RHSA-2021:3653) Important: Red Hat Advanced Cluster Management 2.1.11 security fix and container updates

2021-09-2314:58:27
access.redhat.com
26

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.582 Medium

EPSS

Percentile

97.7%

JSON

Red Hat Advanced Cluster Management for Kubernetes 2.1.11 images

Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.

This advisory contains updates to one or more container images for Red Hat
Advanced Cluster Management for Kubernetes. See the following Release Notes
documentation, which will be updated shortly for this release, for additional
details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.1/html/release_notes/

Security fix:

  • management-ingress-container: nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name (CVE-2021-23017)

For more details about the security issue, including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Container updates:

  • RHACM 2.1.11 images (BZ# 1999375)

Related

nessus 82
redhat 24
centos 1
oraclelinux 5
osv 7
rocky 2
almalinux 3
suse 3
photon 7
mageia 1
ubuntu 2
cloudfoundry 2
slackware 1
amazon 2
archlinux 1
fedora 7
freebsd 1
altlinux 2
veracode 5
debiancve 4
cbl_mariner 7
cve 5
redhatcve 4
hackerone 3
ubuntucve 4
prion 6
ibm 3
cloudlinux 1
f5 1
alpinelinux 1
debian 1
githubexploit 1
nessus
nessus
CentOS 7 : kernel (CESA-2021:3327)
2021-09-02 00:00:00
Oracle Linux 7 : kernel (ELSA-2021-3327)
2021-09-02 00:00:00
RHEL 7 : kernel (RHSA-2021:3327)
2021-09-01 00:00:00
redhat
redhat
(RHSA-2021:3327) Important: kernel security and bug fix update
2021-08-31 07:45:12
(RHSA-2021:3328) Important: kernel-rt security and bug fix update
2021-08-31 07:45:27
(RHSA-2021:3582) Moderate: curl security update
2021-09-21 07:12:18
centos
centos
bpftool, kernel, perf, python security update
2021-08-31 21:19:47
oraclelinux
oraclelinux
kernel security and bug fix update
2021-08-31 00:00:00
curl security update
2021-09-21 00:00:00
krb5 security update
2021-09-23 00:00:00
osv
osv
Moderate: curl security update
2021-09-21 07:12:18
Moderate: krb5 security update
2021-09-21 07:09:33
krb5 vulnerabilities
2023-03-16 07:06:07
rocky
rocky
curl security update
2021-09-21 07:12:18
krb5 security update
2021-09-21 07:09:33
almalinux
almalinux
Moderate: curl security update
2021-09-21 07:12:18
Moderate: krb5 security update
2021-09-21 07:09:33
Moderate: libX11 security update
2021-11-09 09:01:07
suse
suse
Security update for curl (moderate)
2021-07-21 00:00:00
Security update for curl (moderate)
2021-07-24 00:00:00
Security update for krb5 (moderate)
2021-10-31 00:00:00
photon
photon
Moderate Photon OS Security Update - PHSA-2021-0273
2021-07-24 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0069
2021-07-25 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0069
2021-07-25 00:00:00
mageia
mageia
Updated curl packages fix security vulnerabilities
2021-07-27 23:21:53
ubuntu
ubuntu
Kerberos vulnerabilities
2023-03-16 00:00:00
Kernel Live Patch Security Notice
2021-09-13 00:00:00
cloudfoundry
cloudfoundry
USN-5959-1: Kerberos vulnerabilities Severity | Cloud Foundry
2023-04-29 00:00:00
USN-4966-1: libx11 vulnerability | Cloud Foundry
2021-06-11 00:00:00
slackware
slackware
[slackware-security] curl
2021-07-21 18:22:03
amazon
amazon
Medium: curl
2021-09-08 23:35:00
Medium: curl
2021-09-02 22:54:00
archlinux
archlinux
[ASA-202107-59] curl: multiple issues
2021-07-21 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: curl-7.76.1-7.fc34
2021-07-23 01:06:01
[SECURITY] Fedora 33 Update: curl-7.71.1-10.fc33
2021-08-07 01:14:48
[SECURITY] Fedora 34 Update: curl-7.76.1-12.fc34
2021-09-21 15:33:29
freebsd
freebsd
cURL -- Multiple vulnerabilities
2021-07-21 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 9 package krb5 version 1.17.2-alt3
2022-03-21 00:00:00
Security fix for the ALT Linux 10 package krb5 version 1.19.3-alt1
2022-03-18 00:00:00
veracode
veracode
Wrong Content
2021-07-22 05:50:53
Information Disclosure
2021-07-22 05:01:40
Insecure SSL Configuration
2021-07-22 05:50:57
debiancve
debiancve
CVE-2021-22923
2021-08-05 21:15:00
CVE-2021-22922
2021-08-05 21:15:00
CVE-2021-22924
2021-08-05 21:15:00
cbl_mariner
cbl_mariner
CVE-2021-22923 affecting package curl 7.76.0-6
2022-04-09 06:51:45
CVE-2021-37750 affecting package krb5 1.19.2-1
2022-06-26 03:29:33
CVE-2021-22923 affecting package curl 7.76.0-9
2021-08-11 06:39:26
cve
cve
CVE-2021-22923
2021-08-05 21:15:00
CVE-2021-37750
2021-08-23 05:15:00
CVE-2021-22922
2021-08-05 21:15:00
redhatcve
redhatcve
CVE-2021-22923
2021-07-21 09:20:09
CVE-2020-27777
2020-11-23 20:51:58
CVE-2021-22922
2021-08-25 14:35:27
hackerone
hackerone
curl: CVE-2021-22922: Wrong content via metalink not discarded
2021-05-30 20:49:36
curl: CVE-2021-22924: Bad connection reuse due to flawed path name checks
2021-06-11 03:47:23
curl: CVE-2021-22923: Metalink download sends credentials
2021-05-30 21:32:16
ubuntucve
ubuntucve
CVE-2021-22922
2021-07-21 00:00:00
CVE-2020-27777
2020-12-15 00:00:00
CVE-2021-22923
2021-07-21 00:00:00
prion
prion
Design/Logic Flaw
2020-12-15 17:15:00
Code injection
2021-08-05 21:15:00
Design/Logic Flaw
2021-08-05 21:15:00
ibm
ibm
Security Bulletin: Vulnerability in Linux Kernel affects IBM Integrated Analytics System.
2022-04-20 08:52:46
Security Bulletin: Vulnerability in MIT Kerberos 5 affects PowerSC (CVE-2021-37750)
2022-09-15 15:34:05
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private - curl (CVE-2021-22924)
2022-04-22 14:34:57
cloudlinux
cloudlinux
Fix of CVE: CVE-2021-22924
2021-09-21 22:10:36
f5
f5
K54308152 : cURL vulnerability CVE-2021-22923
2021-08-03 00:00:00
alpinelinux
alpinelinux
CVE-2021-22924
2021-08-05 21:15:00
debian
debian
[SECURITY] [DSA 4920-1] libx11 security update
2021-05-24 07:08:00
githubexploit
githubexploit
Exploit for Use of Incorrectly-Resolved Name or Reference in Haxx Libcurl
2022-04-30 03:40:15

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.582 Medium

EPSS

Percentile

97.7%

JSON
Related for RHSA-2021:3653
nessus82redhat24centos1oraclelinux5osv7rocky2almalinux3suse3photon7mageia1ubuntu2cloudfoundry2slackware1amazon2archlinux1fedora7freebsd1altlinux2veracode5debiancve4cbl_mariner7cve5redhatcve4hackerone3ubuntucve4prion6ibm3cloudlinux1f51alpinelinux1debian1githubexploit1