PT-2023-16844 · Kubernetes · Kube-Apiserver
Name of the Vulnerable Software and Affected Versions: kube-apiserver affected versions not specified Description: An authentication bypass issue was discovered in kube-apiserver, allowing a remote, authenticated attacker with update, patch permissions on the pods/ephemeralcontainers subresource ...
The vulnerability of Eclipse Jetty servlet containers, related to inadequate management of system resources, allows attackers to trigger service failures.
The vulnerability of Eclipse Jetty servlet containers is related to insufficient management of system resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
Moderate: Red Hat Security Advisory: OpenShift Virtualization 4.11.6 security and bug fix update
Red Hat OpenShift Virtualization release 4.11.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which giv...
Oracle Linux 8 : container-tools:1.0 (ELSA-2019-3494)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3494 advisory. - ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overflow via a large packet because it mishandles a case involving the first fragment...
Oracle Linux 7 : Unbreakable Enterprise kernel-container kata-image kata-runtime kata kubernetes kubernetes istio olcne (ELSA-2020-5765)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5765 advisory. - x86/speculation: Add SRBDS vulnerability and mitigation documentation Mark Gross Orabug: 31446720 CVE-2020-0543 - x86/speculation: Add Special Regist...
kube-apiserver: PrivEsc
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given "update, patch" permissions on the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...
Security Bulletin: Cross-site scripting vulnerability affect IBM Business Automation Workflow - CVE-2023-33858
Summary IBM Business Automation Workflow is vulnerable to a cross-site scripting attack. Vulnerability Details CVEID:CVE-2023-33858 DESCRIPTION: IBM Business Automation Workflow is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI...
container-tools:rhel8 bug fix and enhancement update
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns,...
Security Bulletin: Multiple security vulnerabilities in Java affect IBM Robotic Process Automation
Summary Java is used by IBM Robotic Process Automation as part of the ILMT, NLP and Containers CVE-2023-2597, CVE-2023-21930, CVE-2023-21937, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21968. Vulnerability Details CVEID:CVE-2023-21968 DESCRIPTION: An unspecified...
Important: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 8.0.2 security update
The components for Red Hat OpenShift support for Windows Containers 8.0.2 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this...
Important: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 5.1.2 security update
The components for Red Hat OpenShift support for Windows Containers 5.1.2 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this...
This Week in Spring - August 29th, 2023 - the post SpringOne recovery blog
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm exhausted. Seriously. Last week was mental. If you need me, I'll be over sipping on a tea... But, before that, there's a ton of things to cover from this last week, as always, and there's no rest for the curious, so let's...
Important: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 6.0.2 security update
The components for Red Hat OpenShift support for Windows Containers 6.0.2 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this...
Important: Red Hat Security Advisory: Red Hat OpenShift support for Windows Containers 7.1.1 security update
The components for Red Hat OpenShift support for Windows Containers 7.1.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this...
Why Your AWS Cloud Container Needs Client-Side Security
With increasingly complicated network infrastructure and organizations needing to deploy applications across various environments, cloud containers are necessary for companies to stay agile and innovative. Containers are packages of software that hold all of the necessary components for an app to...
Moderate: Red Hat Security Advisory: Release of containers for OSP 16.2.z (Train) director Operator
Red Hat OpenStack Platform (RHOSP) 16.2.z (Train) director Operator containers are now available. Release of Red Hat OpenStack Platform (RHOSP) 16.2.z (Train) provides these changes:...
Debian: Security Advisory (DLA-3533-1)
The remote host is missing an update for the Debian...
[SECURITY] Fedora 38 Update: golang-github-opencontainers-runc-1.1.8-2.fc38
Runc is a CLI tool for spawning and running containers according to the OCI specification...
[SECURITY] Fedora 37 Update: golang-github-opencontainers-runc-1.1.8-2.fc37
Runc is a CLI tool for spawning and running containers according to the OCI specification...
(0Day) Microsoft GitHub Dev-Containers Improper Privilege Management Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft GitHub. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of Dev-Containers. The application does not enforce the privileged flag with...