175 matches found
GHSA-V7GV-XPGF-6395 Keycloak Build Process Exposes Sensitive Data
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...
Keycloak Build Process Exposes Sensitive Data
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...
GHSA-JCGG-MG9G-P9WF Duplicate Advisory: Keycloak Build Process Exposes Sensitive Data
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-v7gv-xpgf-6395. This link is maintained to preserve external references. Original Description A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured...
Duplicate Advisory: Keycloak Build Process Exposes Sensitive Data
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-v7gv-xpgf-6395. This link is maintained to preserve external references. Original Description A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured...
CVE-2024-10451 Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...
CVE-2024-10451 Org.keycloak:keycloak-quarkus-server: sensitive data exposure in keycloak build process
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...
org.keycloak:keycloak-quarkus-server: Sensitive Data Exposure in Keycloak Build Process
A flaw was found in Keycloak. This issue occurs because sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintended information disclosure. In Keycloak 26, sensitive data specified directly in...
Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories...
Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories...
PT-2024-9024 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions prior to 26.0.2 Description: A flaw was found in Keycloak, where sensitive runtime values, such as passwords, may be captured during the Keycloak build process and embedded as default values in bytecode, leading to unintende...
VM images built with Image Builder with some providers use default credentials during builds in github.com/kubernetes-sigs/image-builder
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...
CVE-2024-9594
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...
CVE-2024-9594 VM images built with Image Builder with some providers use default credentials during builds
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process when using the Nutanix, OVA, QEMU or raw providers. The credentials can be used to gain root access. The credentials are disabled at the conclusi...
CVE-2024-9486 VM images built with Image Builder and Proxmox provider use default credentials
A security issue was discovered in the Kubernetes Image Builder versions = v0.1.37 where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provider do not disable these default credentials, and nodes using the resulting images may be...
PT-2024-6934 · Kubernetes +1 · Kubernetes Image Builder +1
Name of the Vulnerable Software and Affected Versions: Kubernetes Image Builder versions = v0.1.37 Description: A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process when using certain providers, such as Nutanix, OVA,...
PT-2024-6906
Name of the Vulnerable Software and Affected Versions Kubernetes Image Builder versions = v0.1.37 Description A security issue was discovered in the Kubernetes Image Builder where default credentials are enabled during the image build process. Virtual machine images built using the Proxmox provid...
CVE-2024-9407
CVE-2024-9407 is a local-privilege vulnerability in the bind-propagation option of Dockerfile RUN --mount as implemented by buildah/podman. The root cause is improper input validation, allowing an attacker to pass arbitrary parameters to the mount operation and potentially mount host directories ...
CVE-2024-45496
A flaw was found in OpenShift. This issue occurs due to the misuse of elevated privileges in the OpenShift Container Platform's build process. During the build initialization step, the git-clone container is run with a privileged security context, allowing unrestricted access to the node. An...
Red Hat OpenShift Container Platform 安全漏洞
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that help organizations develop, deploy and manage existing container-based applications across physical, virtual and public cloud infrastructures. A security vulnerability exists in Red Hat OpenShift...
CVE-2024-3281
CVE-2024-3281 concerns Poly CCX devices where firmware builds from 8.0.2.3267 up to 8.1.3.1301 contain a flaw in the build process that did not properly restrict access to a resource from unauthorized actors. The result is an unauthorized access risk and potential privilege elevation, with CVSS-l...