CVE-2022-43831

IBM Storage Scale Container Native Storage Access versions 5.1.2.1–5.1.6.1 expose a local privilege escalation where a local user can gain escalated privileges on the host due to improper security context settings. Affected product is IBM Storage Scale Container Native Storage Access; root cause ...

PT-2023-14370 · Ibm · Ibm Storage Scale Container Native Storage Access

Name of the Vulnerable Software and Affected Versions: IBM Storage Scale Container Native Storage Access versions 5.1.2.1 through 5.1.6.1 Description: The issue allows a local user to obtain escalated privileges on a host without proper security context settings configured. Recommendations: For...

CVE-2023-38495

Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered...

Code injection

Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered...

CVE-2023-38495

Crossplane versions prior to 1.11.5, 1.12.3, and 1.13.0 have a flaw in the image backend where the byte contents of packages are not validated, allowing tampering to go undetected. The vulnerability is fixed in 1.11.5, 1.12.3, and 1.13.0. Workarounds include using images from trusted sources and ...

CVE-2023-38495 Crossplane vulnerable to possible image tampering from missing image validation for Packages

Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered...

Security Bulletin: A vulnerability in IBM Storage Scale Container Native that could allow a local user to obtain escalated privileges on a host (CVE-2022-43831)

Summary A security vulnerability has been identified in IBM Storage Scale Container Native that could allow a local user to obtain escalated privileges on a host . A fix for this vulnerability is available. Vulnerability Details CVEID:CVE-2022-43831 DESCRIPTION: IBM Spectrum Scale could allow a...

CVE-2023-37900 Crossplane vulnerable to denial of service from large image

Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, a high-privileged user could create a Package referencing an arbitrarily large image containing that Crossplane would then parse, possibly resulting i...

CVE-2023-37900

Crossplane vulnerability CVE-2023-37900 allows a high-privilege user to create a Package referencing an arbitrarily large image, which Crossplane may parse and exhaust memory, potentially causing the container to be OOMKilled. Impact is mitigated by the need for high privileges and the eventual c...

CVE-2023-35943

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeadersand encodeHeaders. Versions 1.27....

Code injection

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, the CORS filter will segfault and crash Envoy when the origin header is removed and deleted between decodeHeadersand encodeHeaders. Versions 1.27....

CVE-2023-35944 Envoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes

Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests wit...

CVE-2023-35944

CVE-2023-35944 affects Envoy. The issue arises from case-sensitive internal HTTP/2 scheme checks, allowing mixed-case schemes (e.g., htTp, htTps) to be rejected or to bypass certain requests over unencrypted connections. The vulnerability exists prior to fixed releases and is mitigated by a patch...

CVE-2023-35944 Envoy vulnerable to incorrect handling of HTTP requests and responses with mixed case schemes

Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests wit...

Design/Logic Flaw

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the some rare scenarios ...

CVE-2023-35941

Envoy CVE-2023-35941 affects vulnerable OAuth2 filter handling across multiple pre-fix releases (Envoy 1.27.0, 1.26.4, 1.25.9, 1.24.10, 1.23.12 and earlier). The issue allows a malicious client to construct credentials with permanent validity in specific scenarios where HMAC payload validation co...

CVE-2023-35941 Envoy vulnerable to OAuth2 credentials exploit with permanent validity

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, a malicious client is able to construct credentials with permanent validity in some specific scenarios. This is caused by the some rare scenarios ...

Users do not get charged for the value their proposal will need

Lines of code Vulnerability details Impact Depending on whether the destination chain InterchainProposalExecutor's native token balance the transaction will either steal funds or will fail. Proof of Concept Users can provide an amount of native tokens they want to send to the call they will make ...

The is no way for native tokens to get sent to InterchainProposalExecutor

Lines of code Vulnerability details Impact Proposals that require value cannot be executed as native tokens on the other side of the bridge cannot be provided. Proof of Concept Proposals have a value parameter, which allows users to specify what amount of native tokens should be passed when calli...

InterchainProposalExecutor will fail if any proposal requires value transfer, breaking core logic

Lines of code Vulnerability details Impact Proposals which are sent from a source chain using InterchainProposalSender to a destination chain to be executed using InterchainProposalExecutor are intended to support function calls that include transfers of ETH, or other native token. However, the...