Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2023:6269
HistoryNov 15, 2023 - 12:43 a.m.

(RHSA-2023:6269) Important: cert-manager Operator for Red Hat OpenShift 1.12.1

2023-11-1500:43:55
access.redhat.com
24
cert-manager operator
red hat openshift
kubernetes
certificate authorities
certificates
ddos attack
rapid reset attack
cve-2023-39325
cve-2023-44487

9.1 High

AI Score

Confidence

High

0.72 High

EPSS

Percentile

98.0%

JSON

The cert-manager Operator for Red Hat OpenShift builds on top of Kubernetes, introducing certificate authorities and certificates as first-class resource types in the Kubernetes API. This makes it possible to provide certificates-as-a-service to developers working within your Kubernetes cluster.

Security Fix(es):

  • golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack) (CVE-2023-39325)

  • HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)

A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the References section.

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Related

redhat 46
osv 12
rocky 1
oraclelinux 8
ibm 6
almalinux 7
nessus 61
openvas 34
gentoo 1
rosalinux 1
debian 3
fedora 8
cloudfoundry 1
ubuntu 2
photon 1
freebsd 1
slackware 2
amazon 2
redos 1
aix 1
redhat
redhat
(RHSA-2023:6040) Important: Node Maintenance Operator 5.2.1 security update
2023-10-23 18:29:23
(RHSA-2023:6217) Important: Red Hat OpenShift Enterprise security update
2023-10-31 14:38:45
(RHSA-2023:6279) Important: cert-manager Operator for Red Hat OpenShift 1.11.5
2023-11-15 00:50:45
osv
osv
Moderate: curl security update
2023-11-07 00:00:00
Important: glibc security update
2023-10-06 22:57:06
curl vulnerabilities
2023-03-20 12:30:11
rocky
rocky
glibc security update
2023-10-06 22:57:06
oraclelinux
oraclelinux
glibc security update
2023-10-12 00:00:00
curl security update
2023-11-11 00:00:00
glib2 security and bug fix update
2023-11-11 00:00:00
ibm
ibm
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from libcurl, glibc-minimal-langpack, glibc-common, ncurses-libs and Kubernetes
2023-11-16 16:21:31
Security Bulletin: cURL as used by IBM QRadar WinCollect Agent contains multiple vulnerabilities
2023-06-08 21:14:37
Security Bulletin: Vulnerability with GNU glibc & libcURL affect IBM Cloud Object Storage Systems (Nov2023v1)
2023-11-14 21:53:56
almalinux
almalinux
Moderate: curl security update
2023-11-07 00:00:00
Important: glibc security update
2023-10-05 00:00:00
Important: glibc security update
2023-10-05 00:00:00
nessus
nessus
Oracle Linux 9 : curl (ELSA-2023-6679)
2023-11-16 00:00:00
RHEL 9 : curl (RHSA-2023:6679)
2023-11-07 00:00:00
RHEL 9 : glibc (RHSA-2023:5453)
2023-10-05 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-1798)
2023-05-09 00:00:00
Ubuntu: Security Advisory (USN-5964-1)
2023-03-21 00:00:00
Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2023-2500)
2023-08-01 00:00:00
gentoo
gentoo
GLib: Multiple Vulnerabilities
2023-11-27 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2332
2024-01-30 08:26:13
debian
debian
[SECURITY] [DLA 3583-1] glib2.0 security update
2023-09-25 17:58:49
[SECURITY] [DSA 5514-1] glibc security update
2023-10-03 17:26:13
[SECURITY] [DLA 3398-1] curl security update
2023-04-21 20:05:07
fedora
fedora
[SECURITY] Fedora 36 Update: curl-7.82.0-14.fc36
2023-04-09 01:41:25
[SECURITY] Fedora 37 Update: curl-7.85.0-8.fc37
2023-03-27 02:01:30
[SECURITY] Fedora 38 Update: curl-7.87.0-7.fc38
2023-03-29 00:19:18
cloudfoundry
cloudfoundry
USN-5964-1: curl vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
ubuntu
ubuntu
curl vulnerabilities
2023-03-20 00:00:00
curl vulnerabilities
2023-10-17 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0371
2023-04-06 00:00:00
freebsd
freebsd
curl -- multiple vulnerabilities
2023-03-20 00:00:00
slackware
slackware
[slackware-security] curl
2023-03-20 19:35:43
[slackware-security] curl
2023-10-11 06:45:13
amazon
amazon
Medium: curl
2023-06-05 16:39:00
Important: curl
2023-10-10 21:19:00
redos
redos
ROS-20230406-01
2023-04-06 00:00:00
aix
aix
Multiple vulnerabilities in cURL libcurl affect AIX
2023-12-11 13:22:02

9.1 High

AI Score

Confidence

High

0.72 High

EPSS

Percentile

98.0%

JSON
Related for RHSA-2023:6269
redhat46osv12rocky1oraclelinux8ibm6almalinux7nessus61openvas34gentoo1rosalinux1debian3fedora8cloudfoundry1ubuntu2photon1freebsd1slackware2amazon2redos1aix1