11 matches found
EUVD-2018-3776
Malware in sbrugna...
Apache OpenWhisk Remote Code Execution Vulnerability (CNVD-2018-14727)
Apache OpenWhisk is an open source FaaS cloud platform from the Apache Software Foundation in the U.S. Docker Skeleton Runtime for Apache OpenWhisk is its Docker-based version. A security vulnerability exists in Docker Skeleton Runtime for Apache OpenWhisk. The vulnerability can be exploited to...
Security Bulletin: IBM Cloud Functions is affected by two function runtimevulnerabilities
Summary IBM Cloud Functions has addressed the following vulnerabilities. Users of the IBM Cloud Functions service that are using docker actions https://console.bluemix.net/docs/openwhisk/openwhiskactions.htmlcreating-docker-actions are affected but only if the user's function has a general securi...
Apache, IBM Patch Critical Cloud Vulnerability
Apache and IBM have patched a critical vulnerability that allows attackers to replace a company’s serverless code with their own malicious script. Once running, the bad code could then be used for a range of nefarious tasks, including extracting confidential customer data such as passwords or...
Code injection
In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 or earlier may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation...
CVE-2018-11756
In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 or earlier may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation...
CVE-2018-11756
In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 or earlier may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation...
CVE-2018-11757
In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 or earlier may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation...
CVE-2018-11757
In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 or earlier may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation...
CVE-2018-11756
In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 or earlier may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation...
CVE-2018-11757
CVE-2018-11757 affects Docker Skeleton Runtime for Apache OpenWhisk. A Docker action using openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. The issue is described in multiple so...