CVE-2024-11029
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
PT-2025-1618 · Freeipa +4
Name of the Vulnerable Software and Affected Versions: FreeIPA (affected versions not specified)
Description: A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the...
GHSA-G25R-GVQ3-WRQ7 Authenticated user can gain unauthorized shell pod and kubectl access in the local cluster
Impact: An issue was discovered in Rancher where an authorization logic flaw allows an authenticated user on any downstream cluster to (1) open a shell pod in the Rancher local cluster and (2) have limited kubectl access to it. The expected behavior is that a user does not have such access in the...
Malicious code in bfx-ws2-api-audit (npm)
Source: ghsa-malware a4aa321103468bc42d52655217679df5a46958d2714780f7f4443659ed50d457
Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...