BD Pyxis™ Rapid Rx Security Vulnerabilities

redhat
(RHSA-2023:6781) Important: openshift-pipelines-client security update
Red Hat OpenShift Pipelines Client, tkn for the 1.11.2 release, provides a CLI tool to interact with the Pipelines and Triggers components provided by Red Hat OpenShift Pipelines 1.11.2. The tkn CLI tool is delivered as an RPM package for installation on RHEL platforms, and as binaries for...
AI Score 8.2 | EPSS 0.732 | 2023-11-08 01:04 AM

redhat
(RHSA-2023:6779) Important: Red Hat OpenShift Pipelines Operator security update
Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes,...
AI Score 8.9 | EPSS 0.732 | 2023-11-08 12:55 AM

malwarebytes
Introducing ThreatDown: A new chapter for Malwarebytes
Since I started Malwarebytes 15 years ago the threat landscape has changed. Our offerings have evolved. And now the next chapter of our journey begins today. How did we get here? My first cyber “combatant” was an early form of adware running amok on my family’s computer. Removing it was a team...
AI Score 7.2 | 2023-11-07 01:00 PM

wallarmlab
Navigating Threats – Insights from the Wallarm API ThreatStats™ Report Q3’2023
The world of digital technology is perpetually evolving, positioning cybersecurity as a frontline defense in safeguarding essential digital assets. A primary challenge in this sector, accentuated by the Wallarm API ThreatStats™ report Q3’2023, is ensuring robust API security. This in-depth report...
AI Score 6.6 | 2023-11-07 12:54 PM

redhat
(RHSA-2023:6746) Important: nghttp2 security update
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the...
AI Score 8 | EPSS 0.732 | 2023-11-07 10:08 AM

thn
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for...
CVSS 9.8 | AI Score 10 | EPSS 0.973 | 2023-11-07 07:14 AM

nessus
Fedora 37 : mod_http2 (2023-c0c6a91330)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c0c6a91330 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as...
CVSS 7.5 | AI Score 8 | EPSS 0.732 | 2023-11-07 12:00 AM

openvas
SUSE: Security Advisory (SUSE-SU-2023:4373-1)
The remote host is missing an update for...
CVSS 7.5 | AI Score 8.6 | EPSS 0.732 | 2023-11-07 12:00 AM

nessus
Fedora 39 : mod_http2 (2023-492b7be466)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-492b7be466 advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as...
CVSS 7.5 | AI Score 8 | EPSS 0.732 | 2023-11-07 12:00 AM

osv
Important: nghttp2 security update
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the...
CVSS 7.5 | AI Score 8 | EPSS 0.732 | 2023-11-07 12:00 AM

almalinux
Important: nghttp2 security update
libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 (HTTP/2) protocol in C. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) For more details about the security issue(s), including the...
CVSS 7.5 | AI Score 7.4 | EPSS 0.732 | 2023-11-07 12:00 AM

nessus
RHEL 9 : nghttp2 (RHSA-2023:6746)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6746 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) Note that Nessus has not...
CVSS 7.5 | AI Score 7.7 | EPSS 0.732 | 2023-11-07 12:00 AM

openvas
SUSE: Security Advisory (SUSE-SU-2023:4374-1)
The remote host is missing an update for...
CVSS 7.5 | AI Score 8.6 | EPSS 0.732 | 2023-11-07 12:00 AM

nessus
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:1762)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1762 advisory. iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to...
CVSS 6.7 | AI Score 7.6 | EPSS 0.004 | 2023-11-07 12:00 AM

redhat
(RHSA-2023:6305) Important: Migration Toolkit for Applications security update
Migration Toolkit for Applications 6.1.4 Images. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) ...
AI Score 8 | EPSS 0.732 | 2023-11-06 11:23 AM

osv
BIT-nginx-ingress-controller-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...
CVSS 7.5 | AI Score 7.7 | EPSS 0.732 | 2023-11-06 08:56 AM

nessus
Rocky Linux 8 : Satellite 6.11 Release (Moderate) (RLSA-2022:5498)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:5498 advisory. Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol...
CVSS 9.8 | AI Score 8.7 | EPSS 0.186 | 2023-11-06 12:00 AM

openvas
Debian: Security Advisory (DLA-3645-1)
The remote host is missing an update for the...
CVSS 7.5 | AI Score 8.6 | EPSS 0.732 | 2023-11-06 12:00 AM

nessus
Rocky Linux 8 : tcpdump (RLSA-2020:4760)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4760 advisory. tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103) tcpdump before 4.9.3 mishandles the printing of SMB data...
CVSS 9.8 | AI Score 7.9 | EPSS 0.012 | 2023-11-06 12:00 AM

debian
[SECURITY] [DLA 3645-1] trafficserver security update
Debian LTS Advisory DLA-3645-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk November 05, 2023 https://wiki.debian.org/LTS Package : trafficserver Version : 8.1.7-0+deb10u3 CVE...
CVSS 7.5 | AI Score 9.5 | EPSS 0.732 | 2023-11-05 09:50 PM

avleonov
October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture
Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities using it. Especially Linux vulnerabilities as part of my new Linux Patch Wednesday project. And, of course, analyzed Microsoft Patch...
CVSS 10 | AI Score 9.2 | EPSS 0.973 | 2023-11-05 06:39 PM

openvas
Fedora: Security Advisory for python-django (FEDORA-2023-a67af7d8f4)
The remote host is missing an update for...
CVSS 7.5 | AI Score 7.7 | EPSS 0.001 | 2023-11-05 12:00 AM

ibm
Security Bulletin: A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM® Db2® (CVE-2023-30441)
Summary IBM® Runtime Environment Java™ Version 8.0.7.0 through 8.0.7.11 used by IBM® Db2® is vulnerable to information disclosure. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or Java version 8.0.8.6 or higher...
CVSS 7.5 | AI Score 9.1 | EPSS 0.002 | 2023-11-03 08:01 PM

ibm
Security Bulletin: IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library (CVE-2023-32342)
Summary IBM® Db2® is vulnerable to an information disclosure vulnerability due to the consumed GSKit library. The fix for this issue was already published in an earlier bulletin. If you have already applied the appropriate Db2 special build or installed GSKit version 8.0.55.31, which contains the...
CVSS 7.5 | AI Score 6 | EPSS 0.001 | 2023-11-03 07:55 PM

fedora
[SECURITY] Fedora 39 Update: python-django-4.2.6-1.fc39
Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY (Don't Repeat Yourself)...
CVSS 7.5 | AI Score 7.2 | EPSS 0.001 | 2023-11-03 06:57 PM

wallarmlab
Dark Web Monitoring
Unveiling Dark Web Surveillance: Bolstering Internet Safety Journey with us into the uncharted territories of the internet, where a masked sector called the Dark Net thrives. This secret hub is notorious for harboring unlawful actions ranging from infringed identity to stolen data, bringing...
AI Score 6.9 | 2023-11-03 09:57 AM

redhat
(RHSA-2023:6298) Important: Release of OpenShift Serverless Client kn 1.30.2 security update
Red Hat OpenShift Serverless Client kn 1.30.2 provides a CLI to interact with Red Hat OpenShift Serverless 1.30.2. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms. This release includes security and bug fixes, and enhancements...
AI Score 8.1 | EPSS 0.732 | 2023-11-03 08:42 AM

nessus
Amazon Linux AMI : httpd24 (ALAS-2023-1877)
The version of httpd24 installed on the remote host is prior to 2.4.58-1.101. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1877 advisory. Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: ...
CVSS 7.5 | AI Score 8.7 | EPSS 0.732 | 2023-11-03 12:00 AM

wallarmlab
What Is Zero Trust Network Access (ZTNA)?
Unraveling the Mysteries Behind the Zero Trust Network Access (ZTNA) Paradigm Digital protection strategies have traditionally relied heavily on the concept of trust. However, these conventional notions, which assume a considerable measure of security within an organization's connectivity sphere,...
AI Score 7 | 2023-11-02 10:04 PM

redhat
(RHSA-2023:6296) Important: Release of OpenShift Serverless 1.30.2
Version 1.30.2 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.11, 4.12, and 4.13. This release includes security, bug fixes, and enhancements. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid...
AI Score 6.6 | EPSS 0.732 | 2023-11-02 07:13 PM

redhat
(RHSA-2023:6286) Important: Red Hat Data Grid 7.3.11 security update
Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 7.3.11 replaces Data Grid 7.3.10 and includes bug fixes and...
AI Score 7.2 | EPSS 0.732 | 2023-11-02 03:28 PM

redhat
(RHSA-2023:6280) Important: Migration Toolkit for Applications security and bug fix update
Migration Toolkit for Applications 6.2.1 Images Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487) ...
AI Score 7.9 | 2023-11-02 10:23 AM

osv
BIT-2023-45802
When a HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing...
CVSS 7.5 | AI Score 7 | EPSS 0.732 | 2023-11-02 07:16 AM

nessus
Amazon Linux 2 : httpd (ALAS-2023-2322)
The version of httpd installed on the remote host is prior to 2.4.58-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2322 advisory. Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through...
CVSS 7.5 | AI Score 7.5 | EPSS 0.732 | 2023-11-02 12:00 AM

osv
Denial of service from HTTP/2 Rapid Reset in google.golang.org/grpc
An attacker can send HTTP/2 requests, cancel them, and send subsequent requests. This is valid by the HTTP/2 protocol, but would cause the gRPC-Go server to launch more concurrent method handlers than the configured maximum stream limit, grpc.MaxConcurrentStreams. This results in a denial of...
CVSS 7.5 | AI Score 7 | EPSS 0.732 | 2023-11-01 10:39 PM

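The gRPC-Go entry above and the httpd entry BIT-2023-45802 describe the same failure mode from two sides: a HEADERS frame followed immediately by RST_STREAM frees the stream slot at the protocol level, so the client never exceeds SETTINGS_MAX_CONCURRENT_STREAMS, while the handler goroutine (or, in httpd, the request's memory) keeps running until it finishes on its own. The following Go program is an added example, not code from any of the listed advisories nor from gRPC-Go, net/http or httpd. It models one connection's stream accounting, replays a constructed burst of 1000 cancelled requests, and compares the naive policy with two hardenings of the kind the patched implementations adopted: counting still-running handlers against the stream limit (the approach of the Go net/http fix for CVE-2023-39325), and a per-connection budget of RST_STREAM frames after which the connection is closed (in the spirit of the reset rate limit nghttp2 added). Frame, Conn, Replay and the limits 100 and 200 are this example's own names and numbers, not anything from the advisories.

```go
package main

import (
	"errors"
	"fmt"
)

// Frame is a constructed model of the two HTTP/2 frame types that matter for
// Rapid Reset; it is not a real HTTP/2 codec.
type Frame struct {
	Kind     string // "HEADERS" opens a stream, "RST_STREAM" cancels it
	StreamID uint32
}

// Conn holds one client connection's stream accounting. Both hardenings are
// opt-in so the naive behaviour can be shown beside the fixed one.
type Conn struct {
	MaxConcurrentStreams int  // SETTINGS_MAX_CONCURRENT_STREAMS advertised to the client
	MaxResets            int  // >0: close the connection after this many RST_STREAM frames
	CountInflight        bool // a reset stream keeps its slot until its handler returns
	open                 map[uint32]bool // streams the protocol layer still considers open
	inflight             map[uint32]bool // handlers still running; they outlive a reset stream
	resets               int
	closed               bool
}

var (
	ErrConnClosed = errors.New("connection closed: RST_STREAM budget exhausted")
	ErrRefused    = errors.New("stream refused: no free handler slot")
)

func NewConn(maxStreams, maxResets int, countInflight bool) *Conn {
	return &Conn{MaxConcurrentStreams: maxStreams, MaxResets: maxResets, CountInflight: countInflight,
		open: map[uint32]bool{}, inflight: map[uint32]bool{}}
}

// Handle applies one frame to the connection's bookkeeping.
func (c *Conn) Handle(f Frame) error {
	if c.closed {
		return ErrConnClosed
	}
	switch f.Kind {
	case "HEADERS":
		// The protocol-level limit counts only open streams, so a HEADERS
		// immediately followed by RST_STREAM never trips it.
		if len(c.open) >= c.MaxConcurrentStreams {
			return ErrRefused
		}
		// Hardened: handlers that are still running occupy a slot too.
		if c.CountInflight && len(c.inflight) >= c.MaxConcurrentStreams {
			return ErrRefused
		}
		c.open[f.StreamID] = true
		c.inflight[f.StreamID] = true // a real server starts a goroutine here
	case "RST_STREAM":
		delete(c.open, f.StreamID) // slot freed at once; the handler keeps running
		c.resets++
		if c.MaxResets > 0 && c.resets > c.MaxResets {
			c.closed = true
			return ErrConnClosed
		}
	}
	return nil
}

// HandlerDone releases the handler slot when the server-side work finishes.
func (c *Conn) HandlerDone(id uint32) { delete(c.inflight, id) }

// Inflight reports how many handlers are still running on the connection.
func (c *Conn) Inflight() int { return len(c.inflight) }

// RapidResetBurst is the attack shape: n requests, each cancelled as soon as
// it is sent. Client-initiated stream IDs are odd.
func RapidResetBurst(n int) []Frame {
	frames := make([]Frame, 0, 2*n)
	for i := 0; i < n; i++ {
		id := uint32(2*i + 1)
		frames = append(frames, Frame{Kind: "HEADERS", StreamID: id}, Frame{Kind: "RST_STREAM", StreamID: id})
	}
	return frames
}

// Replay feeds frames to c. A refused stream is counted and the replay goes on
// (the server would answer RST_STREAM with REFUSED_STREAM); a closed
// connection ends the replay.
func Replay(c *Conn, frames []Frame) (started, refused int, err error) {
	for _, f := range frames {
		e := c.Handle(f)
		switch {
		case e == nil:
			if f.Kind == "HEADERS" {
				started++
			}
		case errors.Is(e, ErrRefused):
			refused++
		default:
			return started, refused, e
		}
	}
	return started, refused, nil
}

func main() {
	burst := RapidResetBurst(1000)
	for _, c := range []*Conn{NewConn(100, 0, false), NewConn(100, 0, true), NewConn(100, 200, false)} {
		started, refused, err := Replay(c, burst)
		fmt.Printf("countInflight=%-5v maxResets=%-3d started=%4d refused=%4d inflight=%4d err=%v\n",
			c.CountInflight, c.MaxResets, started, refused, c.Inflight(), err)
	}
}
```

With the naive policy all 1000 handlers start and stay in flight even though the connection never has more than one open stream, which is exactly the gap the gRPC-Go entry describes. Counting in-flight handlers caps the damage at the advertised 100 and refuses the rest, and the reset budget ends the connection after 201 resets; a real server would use both, since the budget alone still lets the first 200 cancelled requests consume handler time.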
ibm
Security Bulletin: Vulnerabilities in IBM Java included with IBM Tivoli Monitoring
Summary Vulnerabilities in IBM® Java™ Technology Edition that is shipped as part of multiple IBM Tivoli Monitoring (ITM) components. CVEs: CVE-2023-22045 and CVE-2023-22049. Vulnerability Details CVEID: CVE-2023-22045 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM...
CVSS 3.7 | AI Score 4.5 | EPSS 0.001 | 2023-11-01 09:37 PM

wallarmlab
What is a Polymorphic Virus: detection and best practices?
In the ever-evolving sphere of digital tech, the persistent threat of cyber intrusions remains a formidable concern. A notable example is the polymorphic virus, an insidiously clever adversary in the landscape of cyber threats. Let's probe the intrinsic nature, attributes, and behaviors of this...
AI Score 7.5 | 2023-11-01 06:01 PM

redhat
(RHSA-2023:6251) Important: OpenShift Virtualization 4.11.7 Images security and bug fix update
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.7 images. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)...
AI Score 8.4 | EPSS 0.732 | 2023-11-01 04:12 PM

mmpc
Starting your journey to become quantum-safe
There’s no doubt we are living through a time of rapid technological change. Advances in ubiquitous computing and ambient intelligence transform nearly every aspect of work and life. As the world moves forward with new advancements and distributed technologies, so too does the need to understand...
AI Score 7 | 2023-11-01 04:00 PM

mssecure
Starting your journey to become quantum-safe
There’s no doubt we are living through a time of rapid technological change. Advances in ubiquitous computing and ambient intelligence transform nearly every aspect of work and life. As the world moves forward with new advancements and distributed technologies, so too does the need to understand...
AI Score 7.1 | 2023-11-01 04:00 PM

redhat
(RHSA-2023:6248) Important: OpenShift Virtualization 4.12.8 Images security update
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.12.8 images. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)...
AI Score 8.4 | EPSS 0.732 | 2023-11-01 02:30 PM

redhat
(RHSA-2023:6243) Important: openshift-gitops-kam security update
TODO: add package description Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487) (CVE-2023-39325) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to...
AI Score 7.2 | EPSS 0.732 | 2023-11-01 01:55 PM

redhat
(RHSA-2023:6240) Important: OpenShift Container Platform 4.13 low-latency extras security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.13. Security Fix(es): golang:...
AI Score 7.4 | EPSS 0.732 | 2023-11-01 01:39 PM

redhat
(RHSA-2023:6239) Important: Kiali (Kiali 1.65.10) security update
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. Security Fix(es): HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)...
AI Score 7.4 | EPSS 0.732 | 2023-11-01 01:07 PM

redhat
(RHSA-2023:6235) Important: OpenShift Virtualization 4.13.5 Images security update
OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.5 images. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)...
AI Score 7 | EPSS 0.732 | 2023-11-01 12:02 PM

redhat
(RHSA-2023:6233) Important: Red Hat OpenShift Enterprise security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.12. See the following advisory...
AI Score 6.9 | EPSS 0.732 | 2023-11-01 11:31 AM

redhat
(RHSA-2023:6126) Important: OpenShift Container Platform 4.12.41 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.41. See the following advisory for the RPM...
AI Score 8.3 | EPSS 0.732 | 2023-11-01 11:04 AM

redhat
(RHSA-2023:6125) Important: OpenShift Container Platform 4.12.41 security and extras update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.41. See the following advisory for the container...
AI Score 7.5 | EPSS 0.732 | 2023-11-01 10:24 AM

redhat
(RHSA-2023:6154) Important: Secondary Scheduler Operator for Red Hat OpenShift 1.2.0
The Secondary Scheduler Operator for Red Hat OpenShift is an optional operator that makes it possible to deploy a secondary scheduler by providing a scheduler image. You can run a scheduler with custom plugins without applying additional manifests, such as cluster roles and deployments. Security...
AI Score 7.3 | EPSS 0.732 | 2023-11-01 12:29 AM

openvas
SUSE: Security Advisory (SUSE-SU-2023:4295-1)
The remote host is missing an update for...
CVSS 7.5 | AI Score 8.6 | EPSS 0.732 | 2023-11-01 12:00 AM

Total number of security vulnerabilities: 15075