Citrix Gateway, Citrix ADC Security Vulnerabilities
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.7AI Score
0.0004EPSS
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, pulumi, temporal-ui-server, stern, bom, sops, kubernetes-ingress-defaultbackend, s5cmd, kyverno-policy-reporter, flannel-cni-plugin, bank-vaults, confluent-common-docker, secrets-store-csi-driver, containerd, timoni, tctl, fulcio, nats-server,....
6.5AI Score
0.0004EPSS
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: src-fingerprint, go-licenses, ferretdb, scorecard, stern, bom, sops, kubernetes-ingress-defaultbackend, aactl, external-dns, s5cmd, gitlab-pages, spegel, crossplane-provider-azure, opa, cert-manager-webhook-pdns, wave, kubernetes-csi-driver-hostpath, rclone,...
7.5AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.7AI Score
0.0004EPSS
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.5AI Score
CVE-2024-24787 vulnerabilities
Vulnerabilities for packages: src-fingerprint, go-licenses, ferretdb, scorecard, stern, bom, sops, kubernetes-ingress-defaultbackend, aactl, external-dns, s5cmd, gitlab-pages, spegel, crossplane-provider-azure, opa, cert-manager-webhook-pdns, wave, kubernetes-csi-driver-hostpath, rclone,...
6.8AI Score
0.0004EPSS
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.5AI Score
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, pulumi, temporal-ui-server, stern, bom, sops, kubernetes-ingress-defaultbackend, s5cmd, kyverno-policy-reporter, flannel-cni-plugin, bank-vaults, confluent-common-docker, secrets-store-csi-driver, containerd, timoni, tctl, fulcio, nats-server,....
7.5AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.5AI Score
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.5AI Score
GHSA-2JWV-JMQ4-4J3R vulnerabilities
Vulnerabilities for packages: src-fingerprint, go-licenses, ferretdb, scorecard, stern, bom, sops, kubernetes-ingress-defaultbackend, aactl, external-dns, s5cmd, gitlab-pages, spegel, crossplane-provider-azure, opa, cert-manager-webhook-pdns, wave, kubernetes-csi-driver-hostpath, rclone,...
7.5AI Score
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.5AI Score
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.7AI Score
0.0004EPSS
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.7AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: rqlite, src-fingerprint, kubevela, cni-plugins, pulumi, temporal-ui-server, go-licenses, kubernetes-csi-node-driver-registrar, ferretdb, scorecard, bom, controller-gen, external-dns, s5cmd, doppler-kubernetes-operator, nri-apache, crossplane-provider-azure,...
7.7AI Score
0.0004EPSS
CVE-2024-24788 vulnerabilities
Vulnerabilities for packages: src-fingerprint, go-licenses, ferretdb, scorecard, stern, bom, sops, kubernetes-ingress-defaultbackend, aactl, external-dns, s5cmd, gitlab-pages, spegel, crossplane-provider-azure, opa, cert-manager-webhook-pdns, wave, kubernetes-csi-driver-hostpath, rclone,...
6.8AI Score
0.0004EPSS
CVE-2023-45290 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.5AI Score
0.0004EPSS
GHSA-3Q2C-PVP5-3CQP vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.3AI Score
CVE-2024-24785 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.5AI Score
0.0004EPSS
CVE-2023-45289 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.5AI Score
0.0004EPSS
CVE-2024-24783 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.5AI Score
0.0004EPSS
GHSA-32CH-6X54-Q4H9 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.3AI Score
CVE-2023-45288 vulnerabilities
Vulnerabilities for packages: terraform-provider-google, k3s, rootlesskit, vertical-pod-autoscaler-fips, stern, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, neuvector-scanner, eks-distro-kubernetes-csi-livenessprobe, esbuild, harbor, tekton-chains-fips,...
6.1AI Score
0.0004EPSS
GHSA-4V7X-PQXF-CX7M vulnerabilities
Vulnerabilities for packages: terraform-provider-google, k3s, rootlesskit, vertical-pod-autoscaler-fips, stern, temporal-server, helm, mc-fips, caddy-fips, kube-oidc-proxy, policy-controller, neuvector-scanner, eks-distro-kubernetes-csi-livenessprobe, esbuild, harbor, tekton-chains-fips,...
7.3AI Score
GHSA-RR6R-CFGF-GC6H vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.3AI Score
CVE-2024-24784 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.5AI Score
0.0004EPSS
GHSA-J6M3-GC37-6R6Q vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.3AI Score
GHSA-FGQ5-Q76C-GX78 vulnerabilities
Vulnerabilities for packages: k3s, temporal-server, helm, mc-fips, kube-oidc-proxy, eks-distro-kubernetes-csi-livenessprobe, esbuild, hubble-ui-backend-fips, prometheus-elasticsearch-exporter, kubernetes-csi-livenessprobe-fips, nri-prometheus, aws-flb-kinesis,...
7.3AI Score
Security Bulletin: IBM DataPower Gateway vulnerable to DOS in OpenSSL (CVE-2024-0727)
Summary IBM has addressed the CVE. Vulnerability Details ** CVEID: CVE-2024-0727 DESCRIPTION: **OpenSSL is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially crafted PKCS12 file, a remote attacker could exploit this vulnerability to...
5.5CVSS
7AI Score
0.002EPSS
sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...
3.5CVSS
4.3AI Score
SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availability of the...
4.9CVSS
7.7AI Score
0.0004EPSS
Security Bulletin: IBM DataPower Gateway vulnerable to "Terrapin" attack in OpenSSH (CVE-2023-48795)
Summary By manipulating sequence numbers during SSH connection setup, a MITM attacker can delete negotiation messages without causing a MAC failure. To mitigate this vulnerability, IBM has removed the chacha20-poly1305 cipher and all etm HMACs from the default set of algorithms offered,...
5.9CVSS
6.9AI Score
0.962EPSS
Summary Exploitation of this flaw requires root access to the ESXi host. IBM has addressed the vulnerability. Vulnerability Details ** CVEID: CVE-2023-20867 DESCRIPTION: **VMware Tools could allow a local authenticated attacker to bypass security restrictions, caused by the failure to...
3.9CVSS
6.6AI Score
0.002EPSS
sshproxy vulnerable to SSH option injection
sshproxy is used on a gateway to transparently proxy a user SSH connection on the gateway to an internal host via SSH. Prior to version 1.6.3, any user authorized to connect to a ssh server using sshproxy can inject options to the ssh command executed by sshproxy. All versions of sshproxy are...
4.3AI Score
Memory Corruption vulnerability in SAP Replication Server
SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availability of the...
5.9AI Score
CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-19
CVE-2022-3064 affecting package application-gateway-kubernetes-ingress 1.4.0-19. This CVE either no longer is or was never...
7.5CVSS
7.8AI Score
0.004EPSS
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-19
CVE-2021-4235 affecting package application-gateway-kubernetes-ingress 1.4.0-19. This CVE either no longer is or was never...
5.5CVSS
6.6AI Score
0.001EPSS
7.5AI Score
Vulnerabilities for packages: k8s-sidecar, dask-gateway, kubeflow-jupyter-web-app, kubeflow-pipelines, py3-cassandra-medusa, ggshield, kubeflow-katib, az, py3-idna,...
6.5AI Score
GHSA-JJG7-2V4V-X38H vulnerabilities
Vulnerabilities for packages: k8s-sidecar, dask-gateway, kubeflow-jupyter-web-app, kubeflow-pipelines, py3-cassandra-medusa, ggshield, kubeflow-katib, az, py3-idna,...
7.5AI Score
7.5AI Score
7.5CVSS
7.8AI Score
0.0004EPSS
6.1CVSS
6.6AI Score
0.0004EPSS
5.4CVSS
6.2AI Score
0.0004EPSS
7.5AI Score
CVE-2023-44487 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-15. A patched version of the package is...
7.5CVSS
8.2AI Score
0.72EPSS
CVE-2023-43804 vulnerabilities
Vulnerabilities for packages: k8s-sidecar, dask-gateway, kubeflow-jupyter-web-app, kubeflow-volumes-web-app, py3-urllib3,...
8.1CVSS
8.1AI Score
0.001EPSS
GHSA-V845-JXX5-VC9F vulnerabilities
Vulnerabilities for packages: k8s-sidecar, dask-gateway, kubeflow-jupyter-web-app, kubeflow-volumes-web-app, py3-urllib3,...
7.5AI Score
GHSA-V845-JXX5-VC9F vulnerabilities
Vulnerabilities for packages: kubeflow-volumes-web-app, py3-urllib3, k8s-sidecar, kubeflow-jupyter-web-app, kube-downscaler,...
7.3AI Score
Vulnerabilities for packages: py3-cassandra-medusa, confluent-docker-utils, request-1276, py3-idna, k8s-sidecar, kubeflow-pipelines, az, ggshield, kubeflow-jupyter-web-app, kubeflow-katib,...
6.2AI Score