34 matches found
CVE-2026-46389
UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...
CVE-2026-46389
UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...
CVE-2026-46389 UDS Identity Config has a client authentication bypass in `ClientIdAndKubernetesSecretAuthenticator`
UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...
CVE-2026-46389
CVE-2026-46389 affects UDS Identity Config (Keycloak integration) used by UDS Core Identity. A logic error in the Keycloak client authenticator named client-kubernetes-secret (shipped by uds-identity-config) in versions 0.11.0–0.26.0 overwrites the submitted client_secret with the mounted Kuberne...
PT-2026-38485
The NSEC3 closest-encloser proof validation in hickory-proto's 0.25.0-alpha.3 ... 0.25.2 and hickory-net's 0.26.0-alpha.1 .. 0.26.0 DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of th...
CPU exhaustion during message encoding due to O(n²) name compression
During message encoding, hickory-proto's BinEncoder stores pointers to labels that are candidates for name compression in a Vec. The name compression logic then searches for matches with a linear scan. A malicious message with many records can both introduce many candidate labels, and invoke this...
RUSTSEC-2026-0118 NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
The NSEC3 closest-encloser proof validation in hickory-proto's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the S...
RUSTSEC-2026-0120 NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
The NSEC3 closest-encloser proof validation in hickory-net's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the SOA...
NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses
The NSEC3 closest-encloser proof validation in hickory-proto's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the S...
CVE-2024-39315
Pomerium is an identity and context-aware access proxy. Prior to version 0.26.1, the Pomerium user info page at /.pomerium unintentionally included serialized OAuth2 access and ID tokens from the logged-in user's session. These tokens are not intended to be exposed to end users. This issue may be...
Fedora 41 : docker-buildkit (2025-1ccd7dbf40)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-1ccd7dbf40 advisory. Update to release v0.26.1 ---- - Update to release v0.26.0 - Resolves: rhbz2412681, rhbz2412761 - Upstream new features and fixes - dependency...
Fedora 42 : docker-buildkit (2025-308cf4259b)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-308cf4259b advisory. Update to release v0.26.1 ---- - Update to release v0.26.0 - Resolves: rhbz2412681, rhbz2412761 - Upstream new features and fixes - dependency...
Fedora: Security Advisory (FEDORA-2025-308cf4259b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-1ccd7dbf40)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 43 Update: docker-buildkit-0.26.1-1.fc43
Concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit...
Fedora: Security Advisory (FEDORA-2025-42dd948b86)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-45620 affecting package opensc for versions less than 0.26.1-1
CVE-2024-45620 affecting package opensc for versions less than 0.26.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-45619 affecting package opensc for versions less than 0.26.1-1
CVE-2024-45619 affecting package opensc for versions less than 0.26.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-45616 affecting package opensc for versions less than 0.26.1-1
CVE-2024-45616 affecting package opensc for versions less than 0.26.1-1. An upgraded version of the package is available that resolves this issue...
CVE-2024-45618 affecting package opensc for versions less than 0.26.1-1
CVE-2024-45618 affecting package opensc for versions less than 0.26.1-1. An upgraded version of the package is available that resolves this issue...