Lucene search
+L

68 matches found

Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.29 views

RHEL 9 : Red Hat OpenStack Platform 17.0 (etcd) (RHSA-2023:1014)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:1014 advisory. A highly-available key value store for shared configuration Security Fixes: Improve heuristics preventing CPU/memory abuse by parsing malicious or...

7.5CVSS6.5AI score0.017EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/02 6:29 p.m.40 views

Security Bulletin: IBM Planning Analytics Connector for SAP is affected by security vulnerabilities

Summary IBM Planning Analytics Connector for SAP is affected but not classified as vulnerable, based on current information, to vulnerabilities in Golang Go CVE-2022-41723 and Go YAML CVE-2021-4235, CVE-2022-3064. These have been addressed by upgrading the vulnerable libraries. Vulnerability...

7.5CVSS7.3AI score0.04561EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/30 8:15 a.m.79 views

Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from go-yaml, OpenSSL, GnuTLS , OpenTelemetry-Go, go-toolset and urllib3

Summary OpenSSL, go-yaml, GnuTLS , OpenTelemetry-Go and urllib3 are consumed through RedHat UBI, go-toolset and OSE packages. These packages are shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details CVEID:CVE-2022-28948 DESCRIPTION: Go-Yaml is vulnerabl...

8.1CVSS8.3AI score0.05533EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/19 12:0 a.m.25 views

CBL Mariner 2.0 Security Update: kured (CVE-2022-28948)

The version of kured installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-28948 advisory. - An issue in the Unmarshal function in Go-Yaml v3 causes the program to crash when attempting to deserialize...

7.5CVSS6.6AI score0.03733EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2023/11/14 4:3 p.m.123 views

Moderate: Red Hat Security Advisory: container-tools:rhel8 security and bug fix update

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.5AI score0.04561EPSS
Exploits3References45
RedHat Linux
RedHat Linux
added 2023/11/14 3:32 p.m.62 views

Moderate: Red Hat Security Advisory: container-tools:4.0 security and bug fix update

An update for the container-tools:4.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...

9.8CVSS6.5AI score0.04561EPSS
Exploits2References20
OSV
OSV
added 2023/11/14 12:0 a.m.38 views

ALSA-2023:6939 Moderate: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...

9.8CVSS8.2AI score0.04561EPSS
Exploits3References36
AlmaLinux
AlmaLinux
added 2023/11/14 12:0 a.m.60 views

Moderate: container-tools:rhel8 security and bug fix update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents CVE-2022-3064 golang: html/template: improper handling of JavaScri...

9.8CVSS6.7AI score0.04561EPSS
Exploits3References36
RedHat Linux
RedHat Linux
added 2023/11/07 9:12 a.m.9 views

go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents

A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document...

7.5CVSS7.3AI score0.017EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.31 views

RHEL 9 : toolbox (RHSA-2023:6346)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6346 advisory. Toolbox is a tool for Linux operating systems, which allows the use of containerized command line environments. It is built on top of Podman...

9.8CVSS7.1AI score0.04561EPSS
Exploits0References26
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/07 3:16 p.m.40 views

Security Bulletin: IBM App Connect Enterprise Certified Container Operator and IntegrationServer operands are vulnerable to denial of service due to [CVE-2022-28948]

Summary Go-Yaml is used internally by IBM App Connect Enterprise Certified Container for reading YAML configuration. IBM App Connect Enterprise Certified Container Operator and IntegrationServer operands are vulnerable to denial of service. This bulletin provides patch information to address the...

7.5CVSS7.3AI score0.03733EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/08/29 9:46 p.m.62 views

Security Bulletin: IBM Storage Fusion and IBM Storage Fusion HCI may be vulnerable to denial of service and link following via Go-Yaml, kube-apiserver, Golang Go and Beego

Summary IBM Storage Fusion and IBM Storage Fusion HCI, previously known as Spectrum Fusion and Spectrum Fusion HCI, may be affected by vulnerabilities in Go-Yaml, kube-apiserver, Golang Go and Beego . Vulnerabilities include denial of service, gaining of elevated privileges, improper link followi...

7.8CVSS7.9AI score0.04561EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/08/14 12:0 a.m.25 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Go yaml vulnerabilities (USN-6287-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6287-1 advisory. Simon Ferquel discovered that the Go yaml package incorrectly handled certain YAML documents. If a user or an automated system we...

7.5CVSS6.5AI score0.017EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2023/06/24 1:26 a.m.57 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.22 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.22 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

5.5CVSS6.6AI score0.00415EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2023/05/24 7:9 a.m.50 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.60 security update

Red Hat OpenShift Container Platform release 4.10.60 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a security impact of...

7.5CVSS6.7AI score0.017EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/03/15 7:58 p.m.5 views

go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents

A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document...

7.5CVSS7.3AI score0.017EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/03/01 9:0 a.m.39 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.53 bug fix and security update

Red Hat OpenShift Container Platform release 4.10.53 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

9.1CVSS6.7AI score0.05623EPSS
Exploits1References17
RedHat Linux
RedHat Linux
added 2023/02/28 3:48 p.m.4 views

go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents

A flaw was found in go-yaml. This issue causes the consumption of excessive amounts of CPU or memory when attempting to parse a large or maliciously crafted YAML document...

7.5CVSS7.3AI score0.017EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2023/02/22 11:49 p.m.63 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.9.56 security update

Red Hat OpenShift Container Platform release 4.9.56 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.9. Red Hat Product Security has rated this update as having a...

7.5CVSS6.6AI score0.017EPSS
Exploits0References9
RedHat Linux
RedHat Linux
added 2023/02/17 3:46 a.m.43 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps security update

An update is now available for Red Hat OpenShift GitOps 1.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

9.1CVSS6.6AI score0.017EPSS
Exploits1References4
Rows per page
Query Builder