BIT-COSIGN-2024-29903 Cosign vulnerable to machine-wide denial of service via malicious artifacts

Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, maliciously-crafted software artifacts can cause denial of service of the machine running Cosign thereby impacting all services on the machine. The root cause is that Cosign creates slices based on...

CVE-2024-29902

Cosign provides code signing and transparency for containers and binaries. Prior to version 2.2.4, a remote image with a malicious attachment can cause denial of service of the host machine running Cosign. This can impact other services on the machine that rely on having memory available such as ...

CVE-2023-22466 affecting package kata-containers for versions less than 3.2.0.azl0-1

CVE-2023-22466 affecting package kata-containers for versions less than 3.2.0.azl0-1. This CVE either no longer is or was never applicable...

CVE-2024-29990

Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability...

SUSE SLES15 Security Update : buildah (SUSE-SU-2024:1144-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1144-1 advisory. - A flaw was found in Buildah and subsequently Podman Build which allows containers to mount arbitrary locations on the host filesystem into...

container-tools:rhel8 bug fix update

An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...

AZL-39217 CVE-2023-45288 affecting package kata-containers-cc for versions less than 3.2.0.azl2-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39634 CVE-2023-45288 affecting package kata-containers-cc for versions less than 3.2.0.azl4-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39625 CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl4-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

AZL-39232 CVE-2023-45288 affecting package kata-containers for versions less than 3.2.0.azl2-1

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

CVE-2024-20282

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

CVE-2024-20282

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

CVE-2024-20282

CVE-2024-20282 — Cisco Nexus Dashboard Privilege Elevation : A vulnerability in Cisco Nexus Dashboard allows an authenticated, local attacker with valid rescue-user credentials to escalate to root. The issue stems from insufficient protections for a sensitive access token, enabling access to reso...

CVE-2024-20282

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

Cisco Nexus Dashboard Privilege Escalation Vulnerability

A vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privileges to root on an affected device. This vulnerability is due to insufficient protections for a sensitive access token. An attacker could exploit this...

Exploit for File Descriptor Leak in Linuxfoundation Runc

CVE-2024-21626 POC Requirements runc 1.1.0 /proc/self/c...

[SECURITY] Fedora 38 Update: podman-4.9.4-1.fc38

podman Pod Manager is a fully featured container engine that is a simple daemonless tool. podman provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=3Dpodman. Most...

Fedora: Security Advisory (FEDORA-2024-9231308a4f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-a8a4ce2864)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Cross-Site scripting vulnerability in ESAPI may affect IBM Business Automation Workflow - IBM X-Force ID: 273485

Summary IBM Business Automation Workflow is vulnerable to a Cross-Site scripting attack. Vulnerability Details IBM X-Force ID: 273485 DESCRIPTION: Enterprise Security API for Java is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...