16 matches found
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar
Summary: IBM Watson Discovery Cartridge affected by vulnerability in elasticsearch-7.17.13.jar. Vulnerability Details: CVEID: CVE-2023-46673. DESCRIPTION: It was identified that malformed scripts used in the script processor of an Ingest Pipeline could cause an Elasticsearch node to crash when calling...
GHSA-5V8F-XX9M-WJ44 Elasticsearch stores private key on disk unencrypted
It was discovered by Elastic engineering that when the elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Request, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command...
CVE-2024-23444
It was discovered by Elastic engineering that when the elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Request, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command...
CVE-2024-23444 Elasticsearch elasticsearch-certutil csr fails to encrypt private key
It was discovered by Elastic engineering that when the elasticsearch-certutil CLI tool is used with the csr option in order to create a new Certificate Signing Request, the associated private key that is generated is stored on disk unencrypted even if the --pass parameter is passed in the command...
K15970: GnuTLS 3.x vulnerability CVE-2014-8564
Security Advisory Description: The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2)...
SUSE CVE-2014-8564
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR),...
HashiCorp Consul Security Vulnerability
HashiCorp Consul is a suite of distributed, highly available data center-aware solutions from HashiCorp USA. The product is used to connect and configure applications across dynamically distributed infrastructures. A security vulnerability exists in HashiCorp Consul and Consul Enterprise versions...
ForgeCert - "Golden" Certificates
ForgeCert uses the BouncyCastle C# API and a stolen Certificate Authority (CA) certificate + private key to forge certificates for arbitrary users capable of authentication to Active Directory. This attack is codified as DPERSIST1 in our "Certified Pre-Owned" whitepaper. This code base was released ...
CVE-2014-8564
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR),...
gnutls: Heap corruption when generating key ID for ECC (GNUTLS-SA-2014-5)
An out-of-bounds memory write flaw was found in the way GnuTLS parsed certain ECC (Elliptic Curve Cryptography) certificates or certificate signing requests (CSR). A malicious user could create a specially crafted ECC certificate or a certificate signing request that, when processed by an application...
puppet: insufficient validation of agent names in CN of SSL certificate requests
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick...
Puppet: Multiple vulnerabilities
Background: Puppet is a system configuration management tool written in Ruby. Description: Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact: A local attacker could gain elevated privileges, or access and modify arbitrary...
GLSA-201203-03 : Puppet: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201203-03 (Puppet: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Puppet. Please review the CVE identifiers referenced below for details. Impact: A local attacker could gain elevated privileges, or acces...
Important: Red Hat Security Advisory: rhpki-common security update
Updated rhpki-common packages that fix a security issue are now available for Red Hat Certificate System 7.2. This update has been rated as having important security impact by the Red Hat Security Response Team. Red Hat Certificate System (RHCS) is an enterprise software system designed to manage...
Important: Red Hat Security Advisory: rhpki-common security update
An updated rhpki-common package that fixes a security issue is now available for Red Hat Certificate System 7.3. This update has been rated as having important security impact by the Red Hat Security Response Team. Red Hat Certificate System (RHCS) is an enterprise software system designed to manag...
Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : openssl-blacklist update (USN-612-9)
USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check Certificate Signing Requests, accept input from STDIN, and check moduli without ...