3rd Gen AMD Ryzen™ Threadripper™ Processors “Castle Peak” HEDT Security Vulnerabilities

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: rqlite, kubevela, pulumi, temporal-ui-server, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, kaniko, sops, aactl, external-dns, doppler-kubernetes-operator, certificate-transparency, gitlab-pages, influxd, crossplane-provider-azure, flux-helm-controller,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, pulumi, temporal-ui-server, stern, bom, sops, kubernetes-ingress-defaultbackend, s5cmd, kyverno-policy-reporter, flannel-cni-plugin, bank-vaults, confluent-common-docker, secrets-store-csi-driver, containerd, timoni, tctl, fulcio, nats-server,....

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: rqlite, kubevela, pulumi, temporal-ui-server, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, kaniko, sops, aactl, external-dns, doppler-kubernetes-operator, certificate-transparency, gitlab-pages, influxd, crossplane-provider-azure, flux-helm-controller,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, pulumi, temporal-ui-server, stern, bom, sops, kubernetes-ingress-defaultbackend, s5cmd, kyverno-policy-reporter, flannel-cni-plugin, bank-vaults, confluent-common-docker, secrets-store-csi-driver, containerd, timoni, tctl, fulcio, nats-server,....

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: protoc-gen-go-grpc, cni-plugins, prometheus-stackdriver-exporter, hey, go-licenses, kubernetes-dashboard-metrics-scraper, scorecard, metrics-server, sops, gitlab-logger, gke-gcloud-auth-plugin, aactl, k3d, falco, nats, flannel-cni-plugin, oras, influx, go-md2man,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, eks-distro-kubernetes-csi-livenessprobe, certificate-transparency, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, hubble,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, eks-distro-kubernetes-csi-livenessprobe, certificate-transparency, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, hubble,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, rootlesskit, vertical-pod-autoscaler-fips, stern, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, neuvector-scanner, eks-distro-kubernetes-csi-livenessprobe, esbuild, harbor, tekton-chains-fips,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: terraform-provider-google, k3s, rootlesskit, vertical-pod-autoscaler-fips, stern, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, neuvector-scanner, eks-distro-kubernetes-csi-livenessprobe, esbuild, harbor, tekton-chains-fips,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: cluster-autoscaler-fips, go-bindata, gobuster, kyverno, kube-logging-logging-operator, seldon-core-operator, protoc-gen-go-grpc, ctop, gke-gcloud-auth-plugin, grpcurl, render-template, amass, falco, kubernetes-csi-livenessprobe-fips, cni-plugins-fips, gitlab-logger,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...

5 key MDR differentiators to look for to build stronger security resilience

Organizations looking to address the skills gap and bring greater efficiency as their business grows and their attack surface sprawls are turning to MDR providers at an accelerated pace. We’ve seen predictions from top analyst firms signaling the rapid rate of adoption of an MDR provider by 2025......

CVE-2024-1598

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...

CVE-2024-0762

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for select Intel platforms This issue affects: Phoenix SecureCore™ for Intel Kaby Lake: from 4.0.1.1 before 4.0.1.998; Phoenix SecureCore™ for Intel Coffee Lake: from 4.1.0.1 before 4.1.0.562; Phoenix ...

CVE-2024-32985

Stellar-core is a reference implementation for the peer-to-peer agent that manages the Stellar network. Prior to 20.4.0, core nodes could be randomly crashed due to a race condition with a 3rd party library. The likelihood of affecting the network is low since crashed nodes come back up online...

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public...

Bouncy Castle crafted signature and public key can be used to trigger an infinite loop

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public...

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception...

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of.....

Bouncy Castle certificate parsing issues cause high CPU usage during parameter evaluation.

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of.....

Bouncy Castle affected by timing side-channel for RSA key exchange ("The Marvin Attack")

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception...

CVE-2024-30172

An issue was discovered in Bouncy Castle Java Cryptography APIs before 1.78. An Ed25519 verification code infinite loop can occur via a crafted signature and public...

CVE-2024-30171

An issue was discovered in Bouncy Castle Java TLS API and JSSE Provider before 1.78. Timing-based leakage may occur in RSA based handshakes because of exception...

CVE-2024-29857

An issue was discovered in ECCurve.java and ECCurve.cs in Bouncy Castle Java (BC Java) before 1.78, BC Java LTS before 2.73.6, BC-FJA before 1.0.2.5, and BC C# .Net before 2.3.1. Importing an EC certificate with crafted F2m parameters can lead to excessive CPU consumption during the evaluation of.....

Potential buffer overflow when handling UEFI variables

Potential buffer overflow in unsafe UEFI variable handling in Phoenix SecureCore™ for Intel Gemini Lake.This issue affects: SecureCore™ for Intel Gemini Lake: from 4.1.0.1 before...