37 matches found
MiracleLinux 7 : containernetworking-plugins-0.8.3-3.el7 (AXSA:2020-186:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-186:02 advisory. containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 Tenable has extracted the preceding description...
Linux Distros Unpatched Vulnerability : CVE-2020-10749
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perfor...
CentOS 7 : containernetworking-plugins (RHSA-2020:2684)
The remote CentOS Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2684 advisory. - A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to...
Oracle Linux 7 : grafana / kubernetes-cni / kubernetes-cni-plugins / kubernetes / kubernetes / olcne (ELSA-2020-5726)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5726 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : kubernetes / kubeadm-ha-setup / kubernetes-cni / kubernetes-cni-plugins (ELSA-2020-5725)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5725 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : kubernetes-cni-plugins / kubernetes-cni / kubernetes / olcne (ELSA-2020-5727)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5727 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
K000134802: Kubernetes vulnerability CVE-2020-10749
Security Advisory Description A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle MitM attacks. A malicious container can exploit this flaw by sending rogue IPv6 router...
RHEL 7 / 8 : OpenShift Container Platform 4.4.8 containernetworking-plugins (RHSA-2020:2403)
The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2403 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...
SUSE SLES15 Security Update : cni-plugins (SUSE-SU-2022:4151-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4151-1 advisory. - CVE-2021-20206: Fixed arbitrary path injection via type field in CNI configuration bsc1181961. Tenable has extracted the precedin...
Security Bulletin: A vulnerability was found in all versions of container networking/plugins before version 0.8.6 of pipeline-utils affecting IBM Cloud Pak for Applications
Summary A vulnerability was found in all versions of container networking/plugins before version 0.8.6 of pipeline-utils, affecting IBM Cloud Pak for Applications. This has been addressed in IBM Cloud Pak for Applications 4.3.1 Vulnerability Details CVEID: CVE-2020-10749 DESCRIPTION: Container...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.7.0 security, bug fix, and enhancement update
Red Hat OpenShift Container Platform release 4.7.0 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CentOS 8 : container-tools:rhel8 (CESA-2020:4694)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4694 advisory. - containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 - QEMU: slirp: networking out-of-bound...
Fedora: Security Advisory for golang-github-containernetworking-plugins (FEDORA-2021-ccb8a9c403)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Moderate: Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RLSA-2020:4694 Moderate: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 QEMU: slirp: networking out-of-bounds read information...
ALSA-2020:4694 Moderate: container-tools:rhel8 security, bug fix, and enhancement update
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 QEMU: slirp: networking out-of-bounds read information...
openSUSE Security Update : cni-plugins (openSUSE-2020-1050)
This update for cni-plugins fixes the following issues : cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...
openSUSE Security Update : cni-plugins (openSUSE-2020-1049)
This update for cni-plugins fixes the following issues : cni-plugins updated to version 0.8.6 - CVE-2020-10749: Fixed a potential Man-in-the-Middle attacks in IPv4 clusters by spoofing IPv6 router advertisements bsc1172410. Release notes:...
openSUSE: Security Advisory for cni-plugins (openSUSE-SU-2020:1050-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for cni-plugins (openSUSE-SU-2020:1049-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...