100 matches found
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.13.0 release.
Red Hat Web Terminal Operator 1.13.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release.
Red Hat Web Terminal Operator 1.15.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.1 release.
Red Hat Web Terminal Operator 1.11.1 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release.
Red Hat Web Terminal Operator 1.14.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.1 release.
Red Hat Web Terminal Operator 1.12.1 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
CVE-2026-43633
HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated remote attackers to achieve root-level code execution. Attackers can inject crafted data into HTTP...
CVE-2026-43633
HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated remote attackers to achieve root-level code execution. Attackers can inject crafted data into HTTP...
CVE-2026-43633 HestiaCP 1.9.0-1.9.4 Deserialization RCE via Web Terminal
HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated remote attackers to achieve root-level code execution. Attackers can inject crafted data into HTTP...
EUVD-2026-30933
HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated remote attackers to achieve root-level code execution. Attackers can inject crafted data into HTTP...
CVE-2026-43633
CVE-2026-43633 affects HestiaCP versions 1.9.0–1.9.4, where a deserialization vulnerability in the web terminal component is caused by a session format mismatch between PHP and Node.js. Unauthenticated remote attackers can trigger root‑level code execution by injecting crafted data into HTTP head...
CVE-2026-43633 HestiaCP 1.9.0-1.9.4 Deserialization RCE via Web Terminal
HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and Node.js that allows unauthenticated remote attackers to achieve root-level code execution. Attackers can inject crafted data into HTTP...
HestiaCP 代码问题漏洞
HestiaCP is a lightweight and powerful control panel suitable for modern networks. Versions 1.9.0 to 1.9.4 of HestiaCP have code vulnerabilities. These vulnerabilities stem from deserialization in the Web terminal component, allowing unauthenticated remote attackers to execute root-level code...
PT-2026-41897
Name of the Vulnerable Software and Affected Versions HestiaCP versions 1.9.0 through 1.9.4 Description A deserialization issue exists in the web terminal component due to a session format mismatch between PHP and Node.js. This allows unauthenticated remote attackers to achieve root-level code...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.0 release.
Red Hat Web Terminal Operator 1.11.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.0 release.
Red Hat Web Terminal Operator 1.12.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.13.0 release.
Red Hat Web Terminal Operator 1.13.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release.
Red Hat Web Terminal Operator 1.14.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release.
Red Hat Web Terminal Operator 1.15.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...
EUVD-2025-209302
A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...
CVE-2025-57853
A container privilege escalation flaw was found in certain Web Terminal images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root...