392 matches found
MAL-2022-6022 Malicious code in serverless-api-partners (npm)
Source: ghsa-malware (8af028b9f3fe39c080cc581e346861bd4b942a21dda59f7eecd302d54e77e98d). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in serverless-infrastructure (npm)
Source: ghsa-malware (bebbd005e7aca2a94388399022dc43f7cafb873c364c88ccefdd1d1d823f0134). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-6023 Malicious code in serverless-infrastructure (npm)
Source: ghsa-malware (bebbd005e7aca2a94388399022dc43f7cafb873c364c88ccefdd1d1d823f0134). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
LambdaGuard - AWS Serverless Security
AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code. LambdaGuard is an AWS Lambda auditing tool designed to create asset...
Form.io Injection Vulnerability
Form.io is a combined forms and API platform for serverless applications from US-based Form.io. An injection vulnerability exists in Form.io version 2.0.0, which can be exploited by an attacker to execute remote code...
Vulnerabilities fixed in Red Hat OpenShift Container Platform
Vulnerabilities have been fixed in Red Hat OpenShift Serverless Operator and Operator. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Denial-of-Service (DoS), circumvention of security measures. The vulnerabilities are locate...
Moderate: Red Hat Security Advisory: Release of OpenShift Serverless Version 1.22.1
OpenShift Serverless version 1.22.1 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score. Version 1.22.1 of the OpenShift Serverless...
Moderate: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.22.1
Release of OpenShift Serverless Client kn 1.22.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
Jenkins Aqua Security Serverless Scanner Plugin showed plain text password in job configuration form fields
Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure...
GHSA-56GJ-927P-MFPH Jenkins Aqua Security Serverless Scanner Plugin showed plain text password in job configuration form fields
Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure...
ShadowClone - Unleash The Power Of Cloud
ShadowClone allows you to distribute your long running tasks dynamically across thousands of serverless functions and gives you the results within seconds where it would have taken hours to complete. You can make full use of the Free Tiers provided by cloud providers and supercharge your mundane...
Low: Red Hat Security Advisory: Release of OpenShift Serverless Version 1.22.0
OpenShift Serverless version 1.22.0 contains a moderate security impact. The References section contains CVE links providing detailed severity ratings for each vulnerability. Ratings are based on a Common Vulnerability Scoring System (CVSS) base score. Version 1.22.0 of the OpenShift Serverless...
Low: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.22.0
Release of OpenShift Serverless Client kn 1.22.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
This Week in Spring - May 3rd, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! How are you doin'? I'm excited! This week I'm speaking at the ArabJUG, and I'll be speaking at Microsoft's huuuge JDConf event. Both of these are virtual. Then, next Monday, I'm on a plane bound for London, UK, where I'll be speakin...
This Week in Spring - April 26th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! This week I was hoping to be in glorious Chicago, Illinois for the first in-person SpringOne Tour installment since the pandemic. But, alas, I couldn't go because - out of an abundance of caution, and since I was exposed to...
CloudGoat goes Serverless: A walkthrough of Vulnerable Lambda Functions
The post CloudGoat goes Serverless: A walkthrough of Vulnerable Lambda Functions appeared first on Rhino Security Labs...
Low: Red Hat Security Advisory: Release of OpenShift Serverless 1.21.1
Release of OpenShift Serverless 1.21.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section...
Low: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.21.1
Release of OpenShift Serverless Client kn 1.21.1. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Referenc...
First Malware Targeting AWS Lambda Serverless Platform Discovered
A first-of-its-kind malware targeting Amazon Web Services' AWS Lambda serverless computing platform has been discovered in the wild. Dubbed "Denonia" after the name of the domain it communicates with, "the malware uses newer address resolution techniques for command and control traffic to evade...
Moderate: Red Hat Security Advisory: Release of OpenShift Serverless Client kn 1.21.0
Release of OpenShift Serverless Client kn 1.21.0. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...