758 matches found
Moderate: Red Hat Security Advisory: haproxy security and bug fix update
An update for haproxy is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
Moderate: haproxy security and bug fix update
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests (CVE-2023-0836). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...
ALSA-2023:6496 Moderate: haproxy security and bug fix update
The haproxy packages provide a reliable, high-performance network load balancer for TCP and HTTP-based applications. Security Fixes: haproxy: data leak via fcgi requests (CVE-2023-0836). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relate...
Kubernetes man in the middle using LoadBalancer or ExternalIPs
...
PT-2023-12075 · Unknown · Kube-Proxy
Name of the Vulnerable Software and Affected Versions: Kube-proxy versions affected versions not specified Description: The issue concerns Kube-proxy on Windows, which can unintentionally forward traffic to local processes listening on the same port spec.ports.port as a LoadBalancer Service. This...
Virtuozzo Hybrid Infrastructure 5.4 Update 4 Hotfix 2 (5.4.4-132)
This update provides important stability, security, and performance improvements. Vulnerability id: VSTOR-75357 Fixed a critical security vulnerability. Vulnerability id: VSTOR-76306 Fixed a problem that may occur while closing files with erasure coding. Vulnerability id: VSTOR-76257 Add the...
CVE-2023-39325 vulnerabilities
Vulnerabilities for packages: minio, memcached-exporter, k8sgpt-operator, metrics-server-fips, crossplane-provider-azure, kube-fluentd-operator, kiam, volume-modifier-for-k8s-fips, newrelic-infrastructure-agent, prometheus-bind-exporter, chartmuseum, vertical-pod-autoscaler, kube-state-metrics,...
GHSA-4374-P667-P6C8 vulnerabilities
Vulnerabilities for packages: minio, memcached-exporter, k8sgpt-operator, metrics-server-fips, crossplane-provider-azure, kube-fluentd-operator, kiam, volume-modifier-for-k8s-fips, newrelic-infrastructure-agent, prometheus-bind-exporter, chartmuseum, vertical-pod-autoscaler, kube-state-metrics,...
F5 BIG-IP path traversal vulnerability
F5 BIG-IP is an application delivery platform from F5 that integrates network traffic orchestration, load balancing, intelligent DNS, remote access policy management and other functions. A directory traversal vulnerability exists in the F5 BIG-IP configuration utility, which can be exploited by a...
Amazon Linux 2 : nginx (ALASNGINX1-2023-004)
The version of nginx installed on the remote host is prior to 1.18.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2023-004 advisory. NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an...
How to check the port connectivity between NetScaler and VDA server
This article describes how to check port connectivity between NetScaler SNIP and VDA over TCP 2598 or 1494 by LB service...
How to create a TLS1.3 profile on NetScaler
This is a step-by-step guide on how to create a TLS 1.3 profile on the NetScaler and attach it to a specific LB virtual server...
Citrix ADC and Citrix Gateway security vulnerability
Citrix Systems Citrix Gateway (Citrix Systems NetScaler Gateway) and Citrix ADC are both products of Citrix Systems, Inc. Citrix Gateway is a secure remote access solution. The product provides administrators with application-level and data-level controls to enable users to remotely access...
GHSA-3FQM-FRHG-7C85 Graylog user session is still usable after logout
Summary In a multi-node Graylog cluster, after a user has explicitly logged out, a user session may still be used for API requests until it has reached its original expiry time. Details Each node maintains an in-memory cache of user sessions. Upon a cache-miss, the session is loaded from the...
GHSA-R25M-CR6V-P9HQ ethyca-fides Webserver API Path Traversal vulnerability
Impact: A path traversal (directory traversal) vulnerability affects fides versions lower than 2.15.1, allowing remote attackers to access arbitrary files on the fides webserver container's filesystem. Patches: The vulnerability is patched in fides 2.15.1. Users should upgrade to this version...
ethyca-fides Webserver API Path Traversal vulnerability
Impact: A path traversal (directory traversal) vulnerability affects fides versions lower than 2.15.1, allowing remote attackers to access arbitrary files on the fides webserver container's filesystem. Patches: The vulnerability is patched in fides 2.15.1. Users should upgrade to this version...
CVE-2023-36827
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal (directory traversal) vulnerability affects fides versions lower than version 2.15.1, allowing...
PYSEC-2023-107
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal (directory traversal) vulnerability affects fides versions lower than version 2.15.1, allowing...
Path traversal
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal (directory traversal) vulnerability affects fides versions lower than version 2.15.1, allowing...
PYSEC-2023-107
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal (directory traversal) vulnerability affects fides versions lower than version 2.15.1, allowing...