37 matches found
kernel: nfsd: initialise nfsd_info.mutex early.
In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...
DEBIAN-CVE-2024-42078
In the Linux kernel, the following vulnerability has been resolved: nfsd: initialise nfsdinfo.mutex early. nfsdinfo.mutex can be dereferenced by svcpoolstatsstart immediately after the new netns is created. Currently this can trigger an oops. Move the initialisation earlier before it can possibly...
BIT-VAULT-2023-3774 Vault Enterprise Namespace Creation May Lead to Denial of Service
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9...
CVE-2023-3774
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9...
CVE-2023-3774
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9...
Design/Logic Flaw
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9...
CVE-2023-3774 Vault Enterprise Namespace Creation May Lead to Denial of Service
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9...
CVE-2023-3774 Vault Enterprise Namespace Creation May Lead to Denial of Service
An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash, potentially resulting in denial of service. Fixed in 1.14.1, 1.13.5, and 1.12.9...
HashiCorp Vault Enterprise 安全漏洞
HashiCorp Vault is a private key access management tool from the US-based HashiCorp. A security vulnerability exists in HashiCorp Vault Enterprise that stems from the creation of a namespace that could cause the Vault process to crash, which could lead to a denial of service DoS...
PT-2023-26086 · Hashicorp · Vault Enterprise
Name of the Vulnerable Software and Affected Versions: Vault Enterprise versions prior to 1.14.1 Vault Enterprise versions prior to 1.13.5 Vault Enterprise versions prior to 1.12.9 Description: An unhandled error in Vault Enterprise's namespace creation may cause the Vault process to crash,...
CVE-2023-23468
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500...
Security feature bypass
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500...
IBM Robotic Process Automation 安全漏洞
IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM. can help you automate more business and IT processes at scale with the ease and speed of traditional RPA. A security vulnerability exists in IBM Robotic Process Automation for Cloud Pa...
PT-2023-5440 · Ibm · Ibm Robotic Process Automation For Cloud Pak
Name of the Vulnerable Software and Affected Versions: IBM Robotic Process Automation for Cloud Pak versions 21.0.1 through 21.0.7.3 IBM Robotic Process Automation for Cloud Pak versions 23.0.0 through 23.0.3 Description: The issue is related to insufficient security configuration, which may allo...
Security Bulletin: IBM Robotic Process Automation for Cloud Pak is vulnerable to insufficient security configuration (CVE-2023-23468).
Summary IBM Robotic Process Automation for Cloud Pak is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster CVE-2023-23468. This bulletin identifies the security fixes to apply to address this vulnerability. Vulnerability Details...
CVE-2022-32250
net/netfilter/nftablesapi.c in the Linux kernel through 5.18.1 allows a local user able to create user/net namespaces to escalate privileges to root because an incorrect NFTSTATEFULEXPR check leads to a use-after-free...
CVE-2019-10110
An Insecure Permissions issue issue 1 of 3 was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The "move issue" feature may allow a user to create projects under any namespace on any GitLab instance on which they hold credential...