61 matches found
Security Bulletin: IBM Cloud Pak for Data is vulnerable to denial of service due to golang.org/x/text ( CVE-2022-32149 )
Summary golang.org/x/text is used by IBM Cloud Pak for Data. CVE-2022-32149. Vulnerability Details CVEID:CVE-2022-32149 DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by improper input validation by the golang.org/x/text/language package. By sending a specially-crafted...
CVE-2022-32149 affecting package containernetworking-plugins for versions less than 1.6.1-4
CVE-2022-32149 affecting package containernetworking-plugins for versions less than 1.6.1-4. An upgraded version of the package is available that resolves this issue...
Linux Distros Unpatched Vulnerability : CVE-2022-32149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse. CVE-2022-32149 No...
Azure Linux 3.0 Security Update: application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt (CVE-2022-32149)
The version of application-gateway-kubernetes-ingress / cf-cli / cni / containerized-data-importer / containernetworking-plugins / gh / keda / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the...
CVE-2022-32149 affecting package gh for versions less than 2.13.0-22
CVE-2022-32149 affecting package gh for versions less than 2.13.0-22. A patched version of the package is available...
CVE-2022-32149 affecting package terraform for versions less than 1.3.2-19
CVE-2022-32149 affecting package terraform for versions less than 1.3.2-19. A patched version of the package is available...
CVE-2022-32149 affecting package cni for versions less than 1.1.2-3
CVE-2022-32149 affecting package cni for versions less than 1.1.2-3. A patched version of the package is available...
CVE-2022-32149 affecting package cri-o for versions less than 1.22.3-8
CVE-2022-32149 affecting package cri-o for versions less than 1.22.3-8. A patched version of the package is available...
CVE-2022-32149 affecting package libcontainers-common for versions less than 20210626-6
CVE-2022-32149 affecting package libcontainers-common for versions less than 20210626-6. A patched version of the package is available...
CVE-2022-32149 affecting package keda for versions less than 2.4.0-23
CVE-2022-32149 affecting package keda for versions less than 2.4.0-23. A patched version of the package is available...
CVE-2022-32149 affecting package prometheus-adapter for versions less than 0.10.0-14
CVE-2022-32149 affecting package prometheus-adapter for versions less than 0.10.0-14. A patched version of the package is available...
CVE-2022-32149 affecting package kubevirt for versions less than 0.59.0-20
CVE-2022-32149 affecting package kubevirt for versions less than 0.59.0-20. A patched version of the package is available...
CVE-2022-32149 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-22
CVE-2022-32149 affecting package application-gateway-kubernetes-ingress for versions less than 1.4.0-22. A patched version of the package is available...
CVE-2022-32149 affecting package multus for versions less than 4.0.2-1
CVE-2022-32149 affecting package multus for versions less than 4.0.2-1. An upgraded version of the package is available that resolves this issue...
CVE-2022-32149 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
CVE-2022-32149 affecting package sriov-network-device-plugin for versions less than 3.7.0-1. An upgraded version of the package is available that resolves this issue...
RHEL 9 : golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags...
OESA-2024-1528 podman security update
Podman manages the entire container ecosystem which includes pods, containers, container images, and container volumes using the libpod library. Security Fixes: An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to...
RHEL 8 : container-tools:rhel8 (RHSA-2024:2077)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2077 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang:...
RHEL 8 / 9 : OpenShift Container Platform 4.12.22 (RHSA-2023:3613)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3613 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
RHEL 7 / 8 / 9 : OpenShift Virtualization 4.13.0 RPMs (RHSA-2023:3204)
The remote Redhat Enterprise Linux 7 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3204 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory...