682 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-23445
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was identified that if a cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.79 security and extras update
Red Hat OpenShift Container Platform release 4.12.79 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of...
Insufficiently Protected Credentials
Overview Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the invite mechanism for remote clusters. An attacker can send unauthorized synchronization payloads by intercepting both the invite and password during the invitation process. Remediation Upgrad...
Insufficiently Protected Credentials
Overview github.com/mattermost/mattermost/server/channels/app is a private-cloud Slack alternative Affected versions of this package are vulnerable to Insufficiently Protected Credentials via the invite mechanism for remote clusters. An attacker can send unauthorized synchronization payloads by...
PT-2025-49439
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the exFAT file system related to the validation of cluster allocation bits in the allocation bitmap. Specifically, the system reads and utilizes t...
FreeBSD : MongoDB -- Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections (79251dc8-5bc5-11f0-834f-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 79251dc8-5bc5-11f0-834f-b42e991fc52e advisory. [email protected] reports: MongoDB Server's mongos component can become unresponsive to new connections d...
CVE-2025-6714
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...
CVE-2025-6714
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...
UBUNTU-CVE-2025-6714
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...
CVE-2025-6714 Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...
CVE-2025-6714
CVE-2025-6714 describes an issue where MongoDB Server’s mongos can become unresponsive to new connections when handling incomplete data in load-balanced sharded clusters (HAProxy on specified ports). Affected versions are MongoDB Server v6.0 before 6.0.23, v7.0 before 7.0.20, and v8.0 before 8.0....
Incorrect Handling of incomplete data may prevent mongoS from Accepting New Connections
MongoDB Server's mongos component can become unresponsive to new connections due to incorrect handling of incomplete data. This affects MongoDB when configured with load balancer support. This issue affects MongoDB Server v6.0 prior to 6.0.23, MongoDB Server v7.0 prior to 7.0.20 and MongoDB Serve...
PT-2025-28180
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions 6.0 prior to 6.0.23 MongoDB Server versions 7.0 prior to 7.0.20 MongoDB Server versions 8.0 prior to 8.0.9 Description: The issue affects MongoDB Server's mongos component, causing it to become unresponsive to new...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.6.2 release.
Red Hat Developer Hub 1.6.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
Important: Red Hat Security Advisory: RHSA: Submariner 0.20.1 - bug fix and enhancement update
Submariner 0.20 packages that fix various bugs and add various enhancements that are now available for Red Hat Advanced Cluster Management for Kubernetes version 2.13 Submariner enables direct networking between pods and services on different Kubernetes clusters that are either on-premises or in...
PT-2025-23952
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Envoy side-cars affected versions not specified Description A flaw exists in the Linux kernel related to insufficient validation of extensible ioctls within the pidfs subsystem. This could potential...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.5.2 release.
Red Hat Developer Hub 1.5.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
Important: Red Hat Security Advisory: Multicluster Engine for Kubernetes 2.4.9 security updates and bug fixes
Multicluster Engine for Kubernetes 2.4.9 General Availability release images, which fix bugs and update container images. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity ratin...
CVE-2025-5198
CVE-2025-5198 describes a Cross-site Scripting (XSS) flaw in Stackrox where the vulnerability can be triggered if script code is placed in a small subset of table cells, specifically when contained in the name of a Kubernetes “Role” object applied to a secured cluster. The exploit would require c...
SUSE CVE-2025-47283
Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0 that could allow a user with administrative privileges for a Gardener project to obtain...