Lucene search

11 matches found

IBM Security Bulletins
added 2024/01/16 3:2 p.m. | 22 views

Security Bulletin: IBM Storage Ceph is vulnerable to improper authentication in Crewjam/SAML [CVE-2022-41912]

Summary: Crewjam/SAML is used by IBM Storage Ceph as part of RGW and in assorted other locations (CVE-2022-41912). This bulletin identifies the steps to take to address the vulnerability in Crewjam/SAML. Vulnerability Details: CVEID: CVE-2022-41912 DESCRIPTION: Crewjam saml could allow a remote attacke...

9.8 CVSS | 9.1 AI score | 0.02179 EPSS
Exploits 0 | Affected Software 1

RedHat Linux
added 2023/06/15 3:59 p.m. | 68 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage 6.1 Container security and bug fix update

A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

9.8 CVSS | 7 AI score | 0.68603 EPSS
Exploits 13 | References 40

RedHat Linux
added 2023/02/07 6:36 p.m. | 42 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.7.0 security and bug fix updates

Red Hat Advanced Cluster Management for Kubernetes 2.7.0 General Availability release images, which provide security updates and fix bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.8 CVSS | 9 AI score | 0.02179 EPSS
Exploits 1 | References 21

RedHat Linux
added 2023/01/10 7:53 a.m. | 48 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.47 bug fix and security update

Red Hat OpenShift Container Platform release 4.10.47 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

9.8 CVSS | 6.9 AI score | 0.02179 EPSS
Exploits 0 | References 6

RedHat Linux
added 2022/12/14 10:38 p.m. | 40 views

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management 2.6.3 security update

Red Hat Advanced Cluster Management for Kubernetes 2.6.3 General Availability release images, which provide security updates, fix bugs, and update container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS...

9.8 CVSS | 6.8 AI score | 0.02179 EPSS
Exploits 0 | References 5

Circl
added 2022/11/28 6:28 p.m. | 5 views

CVE-2022-41912

| creationtimestamp | type | source |
|---|---|---|
| 2022-11-28 18:28:01+00:00 | seen | https://t.me/cibsecurity/53581 |
| 2022-12-31 23:33:58+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/7459 |
| 2023-01-02 19:24:08+00:00 | published-proof-of-concept | https://t.me/crackcodes/2063... |

9.8 CVSS | 7.6 AI score | 0.02179 EPSS
Exploits 0 | References 3

UbuntuCve
added 2022/11/28 3:15 p.m. | 35 views

CVE-2022-41912

The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version...

9.8 CVSS | 6.8 AI score | 0.02179 EPSS
Exploits 0 | References 4

CVE
added 2022/11/28 12:0 a.m. | 198 views

CVE-2022-41912

Affected software: crewjam/saml Go library

9.8 CVSS | 9.5 AI score | 0.02179 EPSS
Exploits 0 | References 3 | Affected Software 1

Vulnrichment
added 2022/11/28 12:0 a.m. | 7 views

CVE-2022-41912 crewjam/saml go library is vulnerable to signature bypass via multiple Assertion elements

The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version...

9.1 CVSS | 9.6 AI score | 0.02179 EPSS
Exploits 0 | References 3

Debian CVE
added 2022/11/28 12:0 a.m. | 30 views

CVE-2022-41912

Removed by vendor...

9.8 CVSS | 7.9 AI score | 0.02179 EPSS
Exploits 0

Cvelist
added 2022/11/28 12:0 a.m. | 36 views

CVE-2022-41912 crewjam/saml go library is vulnerable to signature bypass via multiple Assertion elements

The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. This issue has been corrected in version 0.4.9. There are no workarounds other than upgrading to a fixed version...

9.1 CVSS | 9.8 AI score | 0.02179 EPSS
Exploits 0 | References 3