97 matches found
SUSE-SU-2026:20550-1 Security update for containerized-data-importer
This update for containerized-data-importer fixes the following issues: Update to version 1.64.0. Security issues fixed: - CVE-2024-28180: improper handling of highly compressed data bsc1235204. - CVE-2024-45338: denial of service due to non-linear parsing of case-insensitive content bsc1235365. ...
SUSE-SU-2026:0592-1 Security update for vexctl
This update for vexctl fixes the following issues: - Update to version 0.4.1+git78.f951e3a: - CVE-2025-22868: Unexpected memory consumption during token parsing in golang.org/x/oauth2. bsc1239186 - CVE-2024-45337: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in...
Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerability has been identified that affects IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pas...
Security update for trivy (important)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0490-1 Rating: important References: 1239225 1239385 1240466 1241724 1243633 1246730 1248897 1248937 1250625 1251363 1251547 1253512 1253786 1253977 Cross-References: CVE-2025-11065 CVE-2025-22868 CVE-2025-22869...
Security update for trivy (important)
openSUSE Security Update: Security update for trivy Announcement ID: openSUSE-SU-2025:0489-1 Rating: important References: 1239225 1239385 1240466 1241724 1243633 1246730 1248897 1248937 1250625 1251363 1251547 1253512 1253786 1253977 Cross-References: CVE-2025-11065 CVE-2025-22868 CVE-2025-22869...
Fedora: Security Advisory (FEDORA-2025-3afa669ec0)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak
Summary Multiple security vulnerabilities in Go affects IBM Robotic Process Automation for Cloud Pak. Go is used by IBM Robotic Process Automation for Cloud Pak as part of its deployment. This bulletin identifies the fixes required to resolve the vulnerabilities. Vulnerability Details...
RLSA-2025:7479 Important: opentelemetry-collector security update
Collector with the supported components for a Rocky Enterprise Software Foundation build of OpenTelemetry Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denial of Service CVE-2025-27144 golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2/jw...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.60 bug fix and security update
Red Hat OpenShift Container Platform release 4.13.60 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...
Security Bulletin: Malformed Token Parsing Vulnerability Leads to Unexpected Memory Consumption, which affects IBM watsonx.data
Summary An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. These can affect watsonx.data. Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a malicious malformed token which causes unexpected memory to be...
Security Bulletin: IBM Financial Transaction Manager is impacted by multiple vulnerabilities in RedHat Proxy for Kubernetes RBAC authorization
Summary IBM Financial Transaction Manager for RedHat OpenShift has addressed the following vulnerabilities. Vulnerability Details CVEID:CVE-2024-45338 DESCRIPTION: An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.55 bug fix and security update
Red Hat OpenShift Container Platform release 4.15.55 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Potential vulnerabilities been identified that affect IBM watsonx Orchestrate with watsonx Assistant Cartridge - UAB Component. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2025-22868 DESCRIPTION: An attacker can pass a...
SUSE-SU-2025:02097-1 Security update for ignition
This update for ignition fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192...
SUSE SLES15 / openSUSE 15 Security Update : ignition (SUSE-SU-2025:02014-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:02014-1 advisory. - CVE-2025-22870: golang.org/x/net/http/httpproxy: proxy bypass using IPv6 zone IDs bsc1238681. - CVE-2025-22868:...
SUSE-SU-2025:02046-1 Security update for ignition
This update for ignition fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192...
SUSE-SU-2025:02041-1 Security update for ignition
This update for ignition fixes the following issues: - CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192...
Security update for ignition
This update for ignition fixes the following issues: CVE-2025-22868: golang.org/x/oauth2/jws: Unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239192. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...
RHEL 10 : opentelemetry-collector (RHSA-2025:7479)
The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2025:7479 advisory. Collector with the supported components for a Red Hat build of OpenTelemetry Security Fixes: go-jose: Go JOSE's Parsing Vulnerable to Denia...
Important: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.7 security and bug fix update
The Migration Toolkit for Containers MTC 1.8.7 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...