419 matches found
Security Bulletin: Go Vulnerabilities affect IBM Database Operator for FoundationDB (CVE-2022-27191, CVE-2021-43565)
Summary: The issue has been fixed as part of Cloud Pak for Data release 4.6. Vulnerability Details: CVEID: CVE-2022-27191. DESCRIPTION: Go ssh package is vulnerable to a denial of service, caused by an unspecified flaw in certain circumstances involving AddHostKey. By sending a specially-crafted...
Linux Distros Unpatched Vulnerability : CVE-2022-27191
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1ce4c0b for Go allows an attacker to crash a server in certain circumstances involving...
openSUSE Security Advisory (openSUSE-SU-2024:0319-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Fedora 37 : gopass (2022-dcb748c00d)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-dcb748c00d advisory. Automatic update for gopass-1.14.0-2.fc37. Changelog Wed Apr 20 2022 laiot 1.14.0-1 - Updated package version to 1.14.0 Sat Apr 16 2022 Fabio Alessandro Loca...
Fedora 37 : golang (2022-bf188fb91a)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-bf188fb91a advisory. Automatic update for golang-1.18.4-1.fc37. Changelog: Wed Jul 13 2022 Alejandro Sáez - 1.18.4-1 - Update to 1.18.4; Sun Jun 19 2022 Robert-André Mauchin...
RHEL 8 : Release of OpenShift Serverless Client kn 1.26.0 (Low) (RHSA-2022:8932)
The remote Red Hat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:8932 advisory. Red Hat OpenShift Serverless Client kn 1.26.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.26.0. The kn CLI is delivered as an RPM...
RHEL 7 / 8 : OpenShift Virtualization 4.11.0 RPMs (RHSA-2022:6527)
The remote Red Hat Enterprise Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6527 advisory. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...
RHEL 8 / 9 : OpenShift Container Platform 4.13.2 (RHSA-2023:3366)
The remote Red Hat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3366 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Security Bulletin: IBM Storage Fusion HCI may be vulnerable to Denial of Service via use of golang.org/x/net, x/crypto, and x/text (CVE-2022-30633, CVE-2022-27664, CVE-2022-28131, CVE-2022-41721, CVE-2021-43565, CVE-2022-27191)
Summary Golang's x/net, x/crypto and x/text are used by IBM Storage Fusion HCI for networking, cryptography and internationalization. Vulnerabilities in these libraries include Inconsistent Interpretation of HTTP Requests, Uncontrolled Recursion, and Missing Release of Resource that could lead to...
Security Bulletin: IBM Storage Fusion may be vulnerable to Denial of Service via use of golang.org/x/net, x/crypto, and x/text (CVE-2022-30633, CVE-2022-27664, CVE-2022-28131, CVE-2022-41721, CVE-2021-43565, CVE-2022-27191, CVE-2022-32149)
Summary Golang's x/net, x/crypto and x/text are used by IBM Storage Fusion for networking, cryptography and internationalization. Vulnerabilities in these libraries include Inconsistent Interpretation of HTTP Requests, Uncontrolled Recursion, and Missing Release of Resource that could lead to a...
Amazon Linux AMI : amazon-ssm-agent (ALAS-2023-1825)
The version of amazon-ssm-agent installed on the remote host is prior to 3.2.1377.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1825 advisory. The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker t...
Important: amazon-ssm-agent
Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server (CVE-2021-43565). A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentication with R...
Moderate: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 6.0.1 [security update]
The components for Red Hat OpenShift support for Windows Containers 6.0.1 are now available. This product release includes bug fixes and security update for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this...
Mageia: Security Advisory (MGASA-2023-0213)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Updated skopeo/buildah/podman packages fix security vulnerability
Information disclosure flaw was found in Buildah (CVE-2021-3602). podman allows forwarding host ports to the VM from within the VM (CVE-2021-4024). Allows use of "../" separators in containernetworking/cni to reference binaries such as 'reboot' in network configuration (CVE-2021-20206). github.com/containers/storag...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.2 packages and security update
Red Hat OpenShift Container Platform release 4.13.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update
Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
SUSE SLED15: golang-github-prometheus-alertmanager / etc (SUSE-SU-2023:2187-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2187-1 advisory. golang-github-prometheus-alertmanager: - Security issues fixed: CVE-2022-46146: Fix authenticati...
SUSE: Security Advisory (SUSE-SU-2023:2187-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE: Security Advisory (SUSE-SU-2023:2183-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...