Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2022:6954
HistoryOct 13, 2022 - 2:53 p.m.

(RHSA-2022:6954) Moderate: Red Hat Advanced Cluster Management 2.5.3 security fixes and bug fixes

2022-10-1314:53:04
access.redhat.com
16

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

COMPLETE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:C/A:P

0.004 Low

EPSS

Percentile

74.0%

JSON

Red Hat Advanced Cluster Management for Kubernetes 2.5.3 images

Red Hat Advanced Cluster Management for Kubernetes provides the
capabilities to address common challenges that administrators and site
reliability engineers face as they work across a range of public and
private cloud environments. Clusters and applications are all visible and
managed from a single console—with security policy built in.

This advisory contains the container images for Red Hat Advanced Cluster
Management for Kubernetes, which fix security issues and several bugs. See the following Release Notes documentation, which will be updated shortly for this
release, for additional details about this release:

https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.5/html/release_notes/

Security fix:

  • search-api-container: search-api: SQL injection leads to remote denial of service (CVE-2022-2238)

Bug fixes:

  • search-aggregator pod is continuously getting OOMkilled on the hub (BZ# 2092863)

  • ACM 2.5 cannot create known_hosts file when pulling from ssh git repo (BZ# 2105885)

  • Production RHACM upgrade from v2.4.2 to 2.5.1 (BZ# 2121063)

  • No errors shown for failed helm deployments (BZ# 2124636)

  • In topology, cluster deploy status is shown as not deployed however new project is created on the cluster (BZ# 2125441)

Related

redhat 14
nessus 61
osv 14
openvas 46
oraclelinux 15
rocky 5
ubuntu 4
xen 1
almalinux 3
vmware 1
fedora 13
hp 1
mageia 3
malwarebytes 1
ibm 3
mscve 1
intel 1
debian 1
centos 1
citrix 1
f5 1
debiancve 1
cbl_mariner 3
redos 1
cloudfoundry 1
photon 1
suse 1
redhat
redhat
(RHSA-2022:6537) Moderate: Moderate:OpenShift Container Platform 4.11.5 security and extras update
2022-09-20 08:05:07
(RHSA-2022:6536) Moderate: OpenShift Container Platform 4.11.5 bug fix and security update
2022-09-20 16:25:52
(RHSA-2022:6437) Moderate: kernel-rt security and bug fix update
2022-09-13 07:36:33
nessus
nessus
Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5485-1)
2022-06-17 00:00:00
AlmaLinux 8 : kernel-rt (ALSA-2022:6437)
2022-10-12 00:00:00
Scientific Linux Security Update : kernel on SL7.x x86_64 (2022:5937)
2022-08-10 00:00:00
osv
osv
linux-oem-5.14 vulnerabilities
2022-07-01 17:45:51
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 00:00:00
linux, linux-aws, linux-aws-hwe, linux-aws-5.13, linux-aws-5.4, linux-azure, linux-azure-4.15, linux-azure-5.13, linux-azure-5.4, linux-azure-fde, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-gcp-5.13, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.13, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-intel-5.13, linux-intel-iotg, linux-kvm, linux-lowlatency, linux-oracle, linux-oracle-5.13, linux-oracle-5.4 vulnerabilities
2022-06-17 02:00:03
openvas
openvas
Ubuntu: Security Advisory (USN-5485-1)
2022-06-18 00:00:00
Fedora: Security Advisory for kernel (FEDORA-2022-177a008b98)
2022-06-19 00:00:00
Fedora: Security Advisory for xen (FEDORA-2022-925fc688c1)
2022-07-02 00:00:00
oraclelinux
oraclelinux
kernel security and bug fix update
2022-08-11 00:00:00
kernel security, bug fix, and enhancement update
2022-09-14 00:00:00
Unbreakable Enterprise kernel-container security update
2022-06-15 00:00:00
rocky
rocky
kernel security, bug fix, and enhancement update
2022-09-13 07:37:13
kernel-rt security and bug fix update
2022-09-13 07:36:33
microcode_ctl bug fix and enhancement update
2022-11-02 13:51:49
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-06-17 00:00:00
Linux kernel (OEM) vulnerabilities
2022-07-01 00:00:00
Linux kernel vulnerabilities
2022-06-16 00:00:00
xen
xen
x86: MMIO Stale Data vulnerabilities
2022-06-14 18:21:00
almalinux
almalinux
Moderate: kernel security, bug fix, and enhancement update
2022-09-13 00:00:00
Moderate: kernel-rt security and bug fix update
2022-09-13 00:00:00
Moderate: python3 security update
2022-09-13 00:00:00
vmware
vmware
VMware ESXi addresses DirectPath I/O (PCI-Passthrough) Information Leak vulnerabilities (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)
2022-06-14 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: xen-4.16.1-4.fc36
2022-07-01 01:09:33
[SECURITY] Fedora 35 Update: kernel-5.18.5-100.fc35
2022-06-18 01:45:12
[SECURITY] Fedora 36 Update: kernel-5.18.5-200.fc36
2022-06-17 01:16:22
hp
hp
Intel® Processors June 2022 Security Update
2022-06-14 00:00:00
mageia
mageia
Updated kernel packages fix security vulnerabilities
2022-06-29 19:18:17
Updated kernel-linus packages fix security vulnerabilities
2022-06-29 19:18:17
Updated python packages fix security vulnerability
2022-10-13 23:05:19
malwarebytes
malwarebytes
Intel CPU vulnerabilities fixed. But should you update?
2023-03-06 07:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in base image packages affect IBM Voice Gateway
2022-10-27 18:15:22
Security Bulletin: Multiple vulnerabilities in Intel Processors affect IBM Cloud Pak System
2023-03-31 15:06:36
Security Bulletin: IBM App Connect Enterprise Certified Container may be vulnerable to arbitrary code execution due to CVE-2015-20107
2022-12-01 16:39:02
mscve
mscve
Microsoft Guidance on Intel Processor MMIO Stale Data Vulnerabilities
2022-06-14 07:00:00
intel
intel
Intel® Processors MMIO Stale Data Advisory
2022-10-19 00:00:00
debian
debian
[SECURITY] [DSA 5178-1] intel-microcode security update
2022-07-06 13:12:52
centos
centos
bpftool, kernel, perf, python security update
2022-08-15 17:35:43
citrix
citrix
Citrix Hypervisor Security Update
2022-06-23 20:06:39
f5
f5
K04808933 : Intel Processors MMIO Stale Data Advisory vulnerabilities CVE-2022-21123, CVE-2022-21125, and CVE-2022-21127
2022-07-18 00:00:00
debiancve
debiancve
CVE-2015-20107
2022-04-13 16:15:00
cbl_mariner
cbl_mariner
CVE-2015-20107 affecting package python3 3.7.13-3
2022-10-13 00:40:13
CVE-2015-20107 affecting package python3 3.9.13-3
2022-09-16 06:05:37
CVE-2015-20107 affecting package python2 2.7.18-10
2022-10-13 00:40:13
redos
redos
ROS-20230915-15
2023-09-15 00:00:00
cloudfoundry
cloudfoundry
USN-5503-1: GnuPG vulnerability | Cloud Foundry
2022-08-26 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2022-0213
2022-07-15 00:00:00
suse
suse
Security update for python (important)
2022-07-08 00:00:00

7.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L

8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

COMPLETE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:C/A:P

0.004 Low

EPSS

Percentile

74.0%

JSON
Related for RHSA-2022:6954
redhat14nessus61osv14openvas46oraclelinux15rocky5ubuntu4xen1almalinux3vmware1fedora13hp1mageia3malwarebytes1ibm3mscve1intel1debian1centos1citrix1f51debiancve1cbl_mariner3redos1cloudfoundry1photon1suse1