218 matches found
Kibana 8.15.0 Security Update (ESA-2024-29, ESA-2024-30)
Kibana server-side request forgery ESA-2024-29 A server side request forgery vulnerability was identified in Kibana where the /api/fleet/healthcheck API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that retu...
openSUSE 15 Security Update : etcd (openSUSE-SU-2025:0003-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:0003-1 advisory. Update to version 3.5.12: Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795 test: fix TestHashKVWhenCompacting: ensure all goroutine...
OPENSUSE-SU-2025:0003-1 Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Bump golang.org/x/crypto to v0.17+ to address CVE-2023-48795 test: fix TestHashKVWhenCompacting: ensure all goroutine finished print error log when creating peer listener failed mvcc: Printing etcd backend database related...
Microsoft PC Manager 后置链接漏洞
Microsoft PC Manager is a computer management software from Microsoft USA that allows one-click acceleration, system space management, pop-up window management, and full health check. Microsoft PC Manager suffers from a backlink vulnerability. An attacker can exploit this vulnerability to elevate...
GO-2022-0615 Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul
Hashicorp Consul HTTP health check endpoints returning an HTTP redirect may be abused as SSRF vector in github.com/hashicorp/consul...
Malicious code in health-check-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ef9d93b4469df4d458d4c4a226b45fa7baf7760a84cd3d8b5fc84fb990e0e6ba The OpenSSF Package Analysis project identified 'health-check-nodejs' @ 3.16.1 npm as malicious. It is considered malicious because: - The packa...
MAL-2024-7836 Malicious code in health-check-nodejs (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis ef9d93b4469df4d458d4c4a226b45fa7baf7760a84cd3d8b5fc84fb990e0e6ba The OpenSSF Package Analysis project identified 'health-check-nodejs' @ 3.16.1 npm as malicious. It is considered malicious because: - The packa...
SUSE CVE-2022-29224
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can "hold" prevent removal upstrea...
BIT-CONSUL-2022-29153
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...
VulnCheck KEV: CVE-2022-29153
HashiCorp Consul and Consul Enterprise up to 1.9.16, 1.10.9, and 1.11.4 may allow server side request forgery when the Consul client agent follows redirects returned by HTTP health check endpoints. Fixed in 1.9.17, 1.10.10, and 1.11.5...
Important: Red Hat Security Advisory: Node Health Check Operator 0.6.1 security update
This is an updated version for the node-healthcheck-must-gather-container, the node-healthcheck-operator-bundle-container, the node-healthcheck-operator-container, and the node-remediation-console-container. It is now available for Node Health Check Operator 0.6 for RHEL 8. Red Hat Product Securi...
Important: Red Hat Security Advisory: Node Health Check Operator 0.4.1
This is an updated version of the Node Health Check Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
Important: Red Hat Security Advisory: Self Node Remediation Operator 0.7.1 security update
This is an updated version of the Self Node Remediation Operator. This Operator is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
PT-2023-26185 · Dapr · Dapr
Name of the Vulnerable Software and Affected Versions: Dapr versions prior to 1.10.9 Dapr versions prior to 1.11.2 Description: A vulnerability has been found in Dapr that allows bypassing API token authentication with a well-crafted HTTP request. This issue impacts Dapr users who have configured...
This Week in Spring - July 11th, 2023
Hi, Spring fans! Welcome to another installment of This Week in Spring! I'm in yummy, sunny Jakarta, Indonesia at the moment, preparing for a week of meetings and the SpringOne Tour Indonesia event later this week. I'll also be speaking in Kuala Lumpur, Malaysia on July 20th, 2023 . If you're in...
Active Health Check strategies with Spring Cloud Gateway
Active health check strategies with Spring Cloud Gateway Nowadays, applications are built as a collection of small independent upstream services. This accelerates development and allows modules to be focused on specific responsibilities, increasing their quality. This is one of the main advantage...
WordPress Health Check & Troubleshooting Plugin < 1.6.0 CSRF Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:healthcheck%26troubleshooting"; ifdescription...
CVE-2022-47161
Cross-Site Request Forgery CSRF vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin = 1.5.1 versions...
CVE-2022-47161 WordPress Health Check & Troubleshooting Plugin <= 1.5.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in The WordPress.Org community Health Check & Troubleshooting plugin = 1.5.1 versions...
WordPress plugin Health Check & Troubleshooting 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...