9239 matches found

IBM Security Bulletins
added 2024/03/28 6:0 p.m. | 43 views

Security Bulletin: Multiple Security Vulnerabilities have been fixed in the IBM Directory Server and IBM Directory Suite products (CVE-2022-22473, CVE-2021-38951)

Summary Multiple Security Vulnerabilities in the IBM WebSphere Application Server product as shipped with the IBM Directory Server and IBM Directory Suite products have been fixed. Vulnerability Details CVEID:CVE-2022-22473 DESCRIPTION: IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 coul...

7.5 CVSS | 6.4 AI score | 0.01521 EPSS
Exploits: 0 | Affected Software: 3

IBM Security Bulletins
added 2024/03/28 10:40 a.m. | 57 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from Docker Registry, OpenSSH and go-git

Summary go-git and DockerRegistry are consumed through OSE packages. OSE package is shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2017-11468 DESCRIPTION: Docker...

9.8 CVSS | 7.8 AI score | 0.93305 EPSS
Exploits: 4 | Affected Software: 1

IBM Security Bulletins
added 2024/03/28 12:4 a.m. | 28 views

Security Bulletin: Security Vulnerabilities discovered in IBM Security Verify Access.

Summary IBM Security Verify Access could disclose sensitive information in the snapshot file due to reuse of encryption keys. Vulnerability Details CVEID:CVE-2024-25027 DESCRIPTION: IBM Security Verify Access could disclose sensitive snapshot information due to missing encryption. CVSS Base score...

6.2 CVSS | 5.8 AI score | 0.00107 EPSS
Exploits: 1 | Affected Software: 1

Veracode
added 2024/03/27 7:30 a.m. | 27 views

DNS Rebind Attack

Docker is vulnerable to DNS Rebind Attack. This vulnerability is due to the lack of proper isolation between containers and the host's DNS resolver, allowing malicious actors to exploit DNS rebinding to bypass network restrictions...

7.5 CVSS | 6.7 AI score | 0.0075 EPSS
Exploits: 0 | References: 4 | Affected Software: 3

Fedora
added 2024/03/27 12:15 a.m. | 41 views

[SECURITY] Fedora 40 Update: podman-5.0.0-1.fc40

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=podman. Most...

8.6 CVSS | 9.1 AI score | 0.0049 EPSS
Exploits: 0

OSV
added 2024/03/26 6:32 p.m. | 44 views

GHSA-CFF3-5QRP-HQX7 Apache Airflow Improper Preservation of Permissions vulnerability

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

5.3 CVSS | 5.1 AI score | 0.0146 EPSS
Exploits: 0 | References: 8

Github Security Blog
added 2024/03/26 6:32 p.m. | 31 views

Apache Airflow Improper Preservation of Permissions vulnerability

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

5.3 CVSS | 6.5 AI score | 0.0146 EPSS
Exploits: 0 | References: 8 | Affected Software: 1

OSV
added 2024/03/26 5:15 p.m. | 24 views

CVE-2024-29735

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

5.3 CVSS | 5.1 AI score
Exploits: 0 | References: 3

Vulnrichment
added 2024/03/26 4:52 p.m. | 22 views

CVE-2024-29735 Apache Airflow: Potentially harmful permission changing by log task handler

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.1 AI score | 0.0146 EPSS
Exploits: 0 | References: 3

Cvelist
added 2024/03/26 4:52 p.m. | 23 views

CVE-2024-29735 Apache Airflow: Potentially harmful permission changing by log task handler

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.3 AI score | 0.0146 EPSS
Exploits: 0 | References: 3

CVE
added 2024/03/26 4:52 p.m. | 84 views

CVE-2024-29735

CVE-2024-29735 affects Apache Airflow (versions 2.8.2–2.8.3) due to the local file task handler incorrectly setting permissions on parent folders of the log directory, potentially granting group write access. The issue can impact log storage paths, and, if the home directory becomes group-writabl...

5.3 CVSS | 5.1 AI score | 0.0146 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Kitploit
added 2024/03/26 11:30 a.m. | 30 views

AutoWLAN - Run A Portable Access Point On A Raspberry Pi Making Use Of Docker Containers

This project will allow you to run a portable access point on a Raspberry Pi making use of Docker containers. Further reference and explanations: https://fwhibbit.es/en/automatic-access-point-with-docker-and-raspberry-pi-zero-w Tested on Raspberry Pi Zero W. Access point configurations You can...

7.5 AI score
Exploits: 0 | References: 1

CheckPoint Security
added 2024/03/26 12:0 a.m. | 17 views

Check Point Response to Docker Desktop Vulnerabilities

Solution This article provides Check Point response to Docker Desktop vulnerabilities that various vulnerability scanners may show when testing a Check Point Security Gateway / Management Server / Log Server. To exploit a Docker Desktop vulnerability, a malicious actor must have a local access on...

10 CVSS | 6.8 AI score | 0.18087 EPSS
Exploits: 20

IBM Security Bulletins
added 2024/03/25 4:45 p.m. | 40 views

Security Bulletin: Security Vulnerability in IBM GSKit affects IBM Security Directory Server Container Products (CVE-2023-32342)

Summary A Security Vulnerability in IBM GSKit that ships with IBM Security Directory Server Container Products has been addressed in an update. Vulnerability Details CVEID:CVE-2023-32342 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based...

7.5 CVSS | 7.4 AI score | 0.00925 EPSS
Exploits: 0 | Affected Software: 1

OSV
added 2024/03/22 6:49 p.m. | 31 views

GO-2024-2659 Data exfiltration from internal networks in github.com/docker/docker

dockerd forwards DNS requests to the host loopback device, bypassing the container network namespace's normal routing semantics, networks marked as 'internal' can unexpectedly forward DNS requests to an external nameserver. By registering a domain for which they control the authoritative...

7.5 CVSS | 5.9 AI score | 0.0075 EPSS
Exploits: 0 | References: 2

IBM Security Bulletins
added 2024/03/22 3:43 p.m. | 26 views

Security Bulletin: Multiple Security Vulnerabilities have been fixed in IBM Security Verify Directory Container (CVE-2022-32753, CVE-2022-32756, CVE-2022-32751, CVE-2022-32754)

Summary Multiple Vulnerabilities found by the IBM Ethical Hacking team have been fixed in IBM Verify Directory Container. Vulnerability Details CVEID:CVE-2022-32753 DESCRIPTION: IBM Security Directory Server uses weaker than expected cryptographic algorithms that could allow an attacker to decryp...

6.5 CVSS | 5.2 AI score | 0.00508 EPSS
Exploits: 0 | Affected Software: 1

OSV
added 2024/03/22 11:7 a.m. | 3 views

OESA-2024-1302 docker security update

Docker is an open source project to build, ship and run any application as a lightweight container. Security Fixes: Moby is an open-source project created by Docker to enable software containerization. The classic builder cache system is prone to cache poisoning if the image is built FROM scratch...

7.8 CVSS | 8.2 AI score | 0.00258 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2024/03/21 6:7 a.m. | 58 views

CVE-2024-29018

A vulnerability was found in Moby due to excessive data output in external DNS requests from "internal" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource...

5.9 CVSS | 5.5 AI score | 0.0075 EPSS
Exploits: 0 | References: 5

UbuntuCve
added 2024/03/20 9:15 p.m. | 11 views

CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

7.5 CVSS | 6.7 AI score | 0.0075 EPSS
Exploits: 0 | References: 5

OSV
added 2024/03/20 9:15 p.m. | 1 views

UBUNTU-CVE-2024-29018

Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. Moby's networking implementation allows for many networks, each with their own IP address range and gateway, to be defined. This feature i...

7.5 CVSS | 6.6 AI score | 0.0075 EPSS
Exploits: 0 | References: 6