Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2023:5008
HistoryOct 31, 2023 - 2:16 p.m.

(RHSA-2023:5008) Important: Red Hat build of MicroShift 4.14.0 security update

2023-10-3114:16:38
access.redhat.com
13
red hat
microshift
kubernetes
edge device
rpm packages
cve-2023-1260
cve-2023-2727
cve-2023-2728
security fix
cvss score
release notes

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON

Red Hat build of MicroShift is Red Hat’s light-weight Kubernetes orchestration solution designed for edge device deployments and is built from the edge capabilities of Red Hat OpenShift. MicroShift is an application that is deployed on top of Red Hat Enterprise Linux devices at the edge, providing an efficient way to operate single-node clusters in these low-resource environments.

This advisory contains the RPM packages for Red Hat build of MicroShift 4.14.0. Read the following advisory for the container images for this release:

https://access.redhat.com/errata/RHSA-2023:5006

All of the bug fixes may not be documented in this advisory. Read the following release notes documentation for details about these changes:

https://access.redhat.com/documentation/en-us/red_hat_build_of_microshift/4.14/html/release_notes/index

Security Fix(es):

  • kube-apiserver: PrivEsc (CVE-2023-1260)

  • kube-apiserver: Bypassing policies imposed by the ImagePolicyWebhook admission plugin (CVE-2023-2727)

  • kube-apiserver: Bypassing enforce mountable secrets policy imposed by the ServiceAccount admission plugin (CVE-2023-2728)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9x86_64microshift< 4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9microshift-4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9.x86_64.rpm
RedHat9noarchmicroshift-release-info< 4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9microshift-release-info-4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9.noarch.rpm
RedHat9noarchmicroshift-selinux< 4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9microshift-selinux-4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9.noarch.rpm
RedHat9aarch64microshift< 4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9microshift-4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9.aarch64.rpm
RedHat9x86_64microshift-networking< 4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9microshift-networking-4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9.x86_64.rpm
RedHat9aarch64microshift-networking< 4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9microshift-networking-4.14.0-202310261440.p0.g1586504.assembly.4.14.0.el9.aarch64.rpm

Related

nessus 52
redhat 24
openvas 6
oraclelinux 12
ibm 10
freebsd 1
osv 20
almalinux 7
rosalinux 1
redhatcve 6
prion 6
cgr 5
nvd 6
cve 6
debiancve 5
cvelist 6
ubuntucve 5
veracode 7
github 3
wolfi 4
alpinelinux 4
cbl_mariner 3
nessus
nessus
RHEL 9 : Red Hat build of MicroShift 4.14.0 (RHSA-2023:5008)
2024-04-28 00:00:00
Golang < 1.20.8 / 1.21.x < 1.21.1 Multiple Vulnerabilities
2023-09-15 00:00:00
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:7517)
2024-04-28 00:00:00
redhat
redhat
(RHSA-2023:7517) Moderate: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
2023-11-27 19:20:27
(RHSA-2023:7765) Moderate: podman security update
2023-12-12 16:42:34
(RHSA-2023:7766) Moderate: containernetworking-plugins security update
2023-12-12 16:42:36
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2542-1)
2023-06-19 00:00:00
openSUSE: Security Advisory for kubernetes1.24 (SUSE-SU-2023:3260-1)
2024-03-04 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2541-1)
2023-06-19 00:00:00
oraclelinux
oraclelinux
kubernetes security update
2023-07-03 00:00:00
olcne security update
2023-07-03 00:00:00
kubernetes security update
2023-07-03 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Kubernetes Service is affected by a Kubernetes API server security vulnerability (CVE-2023-2728)
2023-07-13 13:54:19
Security Bulletin: Platform Navigator and Automation Assets in IBM Cloud Pak for Integration are vulnerable to code injection and privilege escalation due to multiple vulnerabilities in Go
2023-10-30 16:16:16
Security Bulletin: IBM Cloud Pak for Data Scheduling contains a vulnerable yq package. [CVE-2023-39320, CVE-2023-39321 and CVE-2023-39322]
2024-03-18 14:18:57
freebsd
freebsd
go -- multiple vulnerabilities
2023-09-06 00:00:00
osv
osv
Moderate: buildah security update
2023-12-12 00:00:00
Moderate: skopeo security update
2023-12-12 00:00:00
Moderate: containernetworking-plugins security update
2023-12-12 00:00:00
almalinux
almalinux
Moderate: buildah security update
2023-12-12 00:00:00
Moderate: podman security update
2023-12-12 00:00:00
Moderate: containernetworking-plugins security update
2023-12-12 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2405
2024-04-23 12:01:14
redhatcve
redhatcve
CVE-2023-39321
2023-09-13 07:24:29
CVE-2023-39319
2023-09-13 06:54:21
CVE-2023-39322
2023-09-13 07:24:39
prion
prion
Code injection
2023-09-08 17:15:00
Design/Logic Flaw
2023-09-08 17:15:00
Authentication flaw
2023-07-03 21:15:00
cgr
cgr
CVE-2023-39321 vulnerabilities
2024-05-19 03:07:16
CVE-2023-39322 vulnerabilities
2024-05-19 03:07:16
CVE-2023-2727 vulnerabilities
2024-05-19 03:07:16
nvd
nvd
CVE-2023-39322
2023-09-08 17:15:28
CVE-2023-39321
2023-09-08 17:15:28
CVE-2023-2727
2023-07-03 21:15:09
cve
cve
CVE-2023-39319
2023-09-08 17:15:27
CVE-2023-39322
2023-09-08 17:15:28
CVE-2023-2727
2023-07-03 21:15:09
debiancve
debiancve
CVE-2023-39321
2023-09-08 17:15:28
CVE-2023-2727
2023-07-03 21:15:09
CVE-2023-39322
2023-09-08 17:15:28
cvelist
cvelist
CVE-2023-39321 Panic when processing post-handshake message on QUIC connections in crypto/tls
2023-09-08 16:13:30
CVE-2023-39319 Improper handling of special tags within script contexts in html/template
2023-09-08 16:13:28
CVE-2023-2727 Bypassing policies imposed by the ImagePolicyWebhook admission plugin
2023-07-03 20:05:04
ubuntucve
ubuntucve
CVE-2023-2727
2023-07-03 00:00:00
CVE-2023-39322
2023-09-08 00:00:00
CVE-2023-39321
2023-09-08 00:00:00
veracode
veracode
Policy Bypass
2023-07-06 09:42:19
Denial Of Service (DoS)
2023-10-02 20:14:46
Cross Site Scripting (XSS)
2023-10-03 07:53:49
github
github
kube-apiserver vulnerable to policy bypass
2023-07-03 21:30:57
Kubernetes mountable secrets policy bypass
2023-07-03 21:30:57
kube-apiserver authentication bypass vulnerability
2023-09-24 03:30:20
wolfi
wolfi
CVE-2023-2727 vulnerabilities
2024-06-25 03:08:26
CVE-2023-39322 vulnerabilities
2024-06-25 03:08:26
CVE-2023-39321 vulnerabilities
2024-06-25 03:08:26
alpinelinux
alpinelinux
CVE-2023-39322
2023-09-08 17:15:28
CVE-2023-39321
2023-09-08 17:15:28
CVE-2023-2728
2023-07-03 21:15:09
cbl_mariner
cbl_mariner
CVE-2023-39319 affecting package msft-golang for versions less than 1.20.10-1
2024-06-25 03:09:55
CVE-2023-39319 affecting package golang for versions less than 1.20.10-1
2024-06-25 03:09:55
CVE-2023-39319 affecting package golang for versions less than 1.20.10-1
2024-06-25 03:09:48

7.3 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

JSON
Related for RHSA-2023:5008
nessus52redhat24openvas6oraclelinux12ibm10freebsd1osv20almalinux7rosalinux1redhatcve6prion6cgr5nvd6cve6debiancve5cvelist6ubuntucve5veracode7github3wolfi4alpinelinux4cbl_mariner3