EUVD-2022-6388

Malicious code in bioql PyPI...

SUSE SLES15 / openSUSE 15 Security Update : aws-iam-authenticator (SUSE-SU-2024:4329-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:4329-1 advisory. - CVE-2022-1996: Fixed CORS bypass bsc1200528. Tenable has extracted the preceding description block directly from the SUSE...

Security update for aws-iam-authenticator

This update for aws-iam-authenticator fixes the following issues: CVE-2022-1996: Fixed CORS bypass bsc1200528. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for...

SUSE-SU-2024:4329-1 Security update for aws-iam-authenticator

This update for aws-iam-authenticator fixes the following issues: - CVE-2022-1996: Fixed CORS bypass bsc1200528...

Fedora: Security Advisory for golang-sigs-k8s-aws-iam-authenticator (FEDORA-2022-5038c3236c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:2583-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-sigs-k8s-aws-iam-authenticator-0.5.2-8.fc36

A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project receives contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers...

openSUSE: Security Advisory for aws-iam-authenticator (SUSE-SU-2022:2583-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : aws-iam-authenticator (SUSE-SU-2022:2583-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2583-1 advisory. - A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and...

SUSE-SU-2022:2583-1 Security update for aws-iam-authenticator

This update for aws-iam-authenticator fixes the following issues: - CVE-2022-2385: Fixed AccessKeyID validation bypass bsc1201395...

GHSA-PP3F-98QG-5G75 aws-iam-authenticator allow-listed IAM identity may be able to modify their username, escalate privileges before v0.5.9

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...

aws-iam-authenticator allow-listed IAM identity may be able to modify their username, escalate privileges before v0.5.9

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...

CVE-2022-2385

A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges...

CVE-2022-2385

aws-iam-authenticator (sigs.k8s.io/aws-iam-authenticator) contains CVE-2022-2385, where an allow-listed IAM identity may modify their username and escalate privileges. Technical details in connected docs indicate the issue relates to an AccessKeyID validation bypass in versions prior to v0.5.9. A...

PT-2022-16291 · Amazon +1 · Aws-Iam-Authenticator +1

Name of the Vulnerable Software and Affected Versions: aws-iam-authenticator versions prior to 0.5.9 Description: A security issue was discovered in aws-iam-authenticator where an allow-listed IAM identity may be able to modify their username and escalate privileges. Recommendations: For versions...

Kubernetes: Bypass validation parts in AWS IAM Authenticator for Kubernetes

Multiple bypasses were discovered in AWS IAM Authenticator for Kubernetes. An attacker could craft a token without a signed cluster ID header and use it for replay attacks, manipulate the extracted AccessKeyID to gain higher permissions in the cluster, and send a request to other action values...