Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for January 2026.

Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Cloud Pak for Business Automation 24.0.0-IF008. Vulnerability Details CVEID:CVE-2019-17543 DESCRIPTION: LZ4 before 1.9.2 has a heap-based buffer overflow in...

openSUSE: Security Advisory for kubernetes1.23 (SUSE-SU-2024:3341-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for kubernetes1.24 (SUSE-SU-2024:3343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : kubernetes1.24 (SUSE-SU-2024:3343-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3343-1 advisory. - CVE-2021-25743: escape, meta and control sequences in raw data output to terminal not neutralized. bsc1194400 - CVE-2023-2727:...

SUSE: Security Advisory (SUSE-SU-2024:3341-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:3343-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: IBM Cloud Pak for Data is vulnerable due to k8s.io/kubernetes ( CVE-2023-2728, CVE-2023-2727, CVE-2023-5408, CVE-2023-3955, CVE-2023-3676 )

Summary k8s.io/kubernetes is used by IBM Cloud Pak for Data as part of the platform. CVE-2023-2728, CVE-2023-2727, CVE-2023-5408, CVE-2023-3955, CVE-2023-3676. Vulnerability Details CVEID:CVE-2023-2728 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to bypass security...

RHEL 9 : Red Hat build of MicroShift 4.14.0 (RHSA-2023:5008)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5008 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...

Advisory ROSA-SA-2024-2405

software: kubernetes 1.25.15 WASP: ROSA-CHROME packageevrstring: kubernetes-1.25.15-1 CVE-ID: CVE-2023-2431 BDU-ID: 2023-03899 CVE-Crit: LOW CVE-DESC.: A vulnerability in the kubelet utility of the Kubernetes virtual machine cluster management software tool is related to insufficient validation o...

openSUSE: Security Advisory for kubernetes1.24 (SUSE-SU-2023:3260-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.14.0 security update

Red Hat build of MicroShift release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.24 (SUSE-SU-2023:3260-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3260-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral...

CVE-2023-2727

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers...

DEBIAN-CVE-2023-2727

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers...

CVE-2023-2727 vulnerabilities

Vulnerabilities for packages: calico...

CVE-2023-2727

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers...

CVE-2023-2727 Bypassing policies imposed by the ImagePolicyWebhook admission plugin

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers...

CVE-2023-2727

CVE-2023-2727: Kubernetes clusters that use ephemeral containers are affected when the ImagePolicyWebhook admission plugin is used together with ephemeral containers; this may allow launching containers from images restricted by ImagePolicyWebhook. The vulnerability is described in the initial do...

CVE-2023-2727 Bypassing policies imposed by the ImagePolicyWebhook admission plugin

Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers...

Oracle Linux 8 : olcne (ELSA-2023-25546)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-25546 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 Tenable has extracted the preceding description block directly from the Oracle Linux...