Low: Red Hat Security Advisory: Release of OpenShift Serverless 1.26.0

Release of OpenShift Serverless 1.26.0 The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System CVSS base score. Version 1.26.0 of the OpenShift Serverless Operator is supported on Red Hat...

Low: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.26.0

Release of OpenShift Serverless Client kn 1.26.0 Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...

Researchers Disclose Critical RCE Vulnerability Affecting Quarkus Java Framework

A critical security vulnerability has been disclosed in the Quarkus Java framework that could be potentially exploited to achieve remote code execution on affected systems. Tracked as CVE-2022-4116 CVSS score: 9.8, the shortcoming could be trivially abused by a malicious actor without any...

How DevOps can protect cloud applications from cyberattacks

Many organizations today are moving away from centralized on-prem operations and towards highly scalable cloud solutions such as Amazon’s AWS Lambda functionality. This provides cost-saving benefits and reduces the overall management of an enterprise tech stack. Cloud computing architecture also...

Matano - The Open-Source Security Lake Platform For AWS

Matano is an open source security lake platform for AWS. It lets you ingest petabytes of security and log data from various sources, store and query them in an open Apache Iceberg data lake, and create Python detections as code for realtime alerting. Matano is fully serverless and designed...

CVE-2021-3703

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0...

CVE-2021-3703

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0...

CVE-2021-3703

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0...

CVE-2021-3703

Technical details for CVE-2021-3703 are not provided in the initial document or in any connected documents. Monitor for updates.

PT-2022-10612 · Red Hat · Openshift Serverless

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0...

Unlocking Serverless with AWS Lambda and IAM

Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that can be expanded on as you grow and explore the many services on AWS...

Important: Red Hat Security Advisory: Release of OpenShift Serverless 1.24.0

Release of OpenShift Serverless 1.24.0 The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System CVSS base score. Version 1.24.0 of the OpenShift Serverless Operator is supported on Red Hat...

Important: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.24.0

Release of OpenShift Serverless Client kn 1.24.0 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

MAL-2022-6024 Malicious code in serverless-push-hasura (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f74c4c91c1908ee1ed2c1631d97fe6c08bd02fb55f30643d8097b9962881f49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in serverless-push-hasura (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6f74c4c91c1908ee1ed2c1631d97fe6c08bd02fb55f30643d8097b9962881f49 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

@5minlab/serverless-typeorm (=1.1.0), @abdelrahmannoaman-mdlabs/group-module (>=1.0.1 <=1.0.68) +2286 more potentially affected by CVE-2022-33171 via typeorm (>=0.0.10 <=0.3.0-rc.33)

typeorm NPM version =0.0.10, =1.0.1, =3.3.4, =1.0.1, =0.0.1, =0.9.3, =1.0.0, =1.1.126, =1.0.0, =1.0.0, =0.0.1, =0.1.0, =0.1.1 and more Source cves: CVE-2022-33171 Source advisory: OSV:GHSA-FX4W-V43J-VC45...

Malicious Package

Overview serverless-push-hasura is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

MAL-2022-2352 Malicious code in datadog-serverless-macro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba2ee7b3443a0229199bf0f65989cd56d3cc784e7f184562cd9a3d74c8501f4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in datadog-serverless-macro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba2ee7b3443a0229199bf0f65989cd56d3cc784e7f184562cd9a3d74c8501f4e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in serverless-api-partners (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8af028b9f3fe39c080cc581e346861bd4b942a21dda59f7eecd302d54e77e98d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...