Omni: Reader-level users can retrieve imported cluster CA keys via ResourceService

Summary Omni supports importing standalone Talos clusters. During this process, an ImportedClusterSecrets resource is created, which contains the full CA secrets bundle for the cluster being imported. If these secrets are not rotated by the importing actor, an authenticated Omni user with Reader...

Pulp Insecure Creation of CA Keys Vulnerability

Pulp is a free and open source repository platform for managing content. The platform supports pushing content from software packages to consumers. A security vulnerability exists in Pulp versions prior to 2.3.0, which stems from the creation of CA certificates and keys in the /tmp/$RANDOM...