Oracle Linux 8 : olcne (ELSA-2023-25546)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-25546 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11. Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 7 : olcne (ELSA-2023-25545)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-25545 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11. Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 7 : kubernetes (ELSA-2023-12562)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12562 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15. Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 8 : kubernetes (ELSA-2023-12561)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12561 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.24.15. Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 7 : kubernetes (ELSA-2023-12563)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12563 advisory. - CVE-2023-2727, CVE-2023-2728 Kubernetes upgraded to 1.25.11 - CVE-2023-27496 - CVE-2023-27488 - CVE-2023-27493 - CVE-2023-27492 - CVE-2023-27491 -...
Security Bulletin: A security vulnerabilities has been identified in IBM WebSphere Application Server Liberty shipped with IBM Business Automation Workflow (CVE-2023-28867)
Summary: WebSphere Application Server Liberty is shipped as part of IBM Business Automation Workflow containers and as part of the optional components Process Federation Server since 8.5.6, and User Management Service since 18.0.0.1 in IBM Business Automation Workflow traditional. Information abou...
runc: volume mount race condition (regression of CVE-2019-19921)
A flaw was found in runc. An attacker who controls the container image for two containers that share a volume can race volume mounts during container initialization by adding a symlink to the rootfs that points to a directory on the volume...
SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2023:2542-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2542-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers...
SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.23 (SUSE-SU-2023:2543-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2543-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral...
SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.24 (SUSE-SU-2023:2544-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2544-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral...
SUSE SLES15 / openSUSE 15 Security Update : kubernetes1.18 (SUSE-SU-2023:2541-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2541-1 advisory. - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral...
SUSE CVE-2023-2727
Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers...
Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.0
Red Hat OpenShift Service Mesh Containers for 2.4.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Important: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.10 security and bug fix update
The Migration Toolkit for Containers (MTC) 1.7.10 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
CVE-2023-2728
A flaw was found in Kubernetes, where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. The policy ensures that pods running with a service account may only reference secrets specified i...
CVE-2023-2727
A flaw was found in Kubernetes, where users may be able to launch containers using images restricted by the ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers. Mitigation...
PT-2023-3118 · Unknown +3 · Kubernetes +2
Name of the Vulnerable Software and Affected Versions: Kubernetes (affected versions not specified). Description: The issue is related to the possibility of bypassing the ImagePolicyWebhook admission plugin's policies when using ephemeral containers in Kubernetes clusters. This could allow a remote...
PT-2023-21049 · Unknown +3 · Kubernetes +2
Name of the Vulnerable Software and Affected Versions: Kubernetes (affected versions not specified). Description: The issue allows users to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers. This policy ensures...
Amazon Linux 2 : runc (ALASNITRO-ENCLAVES-2023-024)
The version of runc installed on the remote host is prior to 1.1.5-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2NITRO-ENCLAVES-2023-024 advisory. runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions ...
Security Bulletin: Vulnerability in spring-expressions may affect IBM Business Automation Workflow - CVE-2023-20863
Summary: IBM Business Automation Workflow packages a vulnerable copy of spring-expressions in BPM/Lombardi/lib. Vulnerability Details: CVEID: CVE-2023-20863. DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service, caused by improper input validation. By sending a specially...