36 matches found
apache-kafka: Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration
A flaw was found in apache-kafka. This issue occurs due to improper handling of configuration data when using a Kafka client SASL JAAS, allowing an attacker with access to alterConfig for a cluster resource or Kafka Connect worker to inject arbitrary configuration. This injection can lead to the...
OESA-2025-2318 kubernetes security update
Container cluster management. Security Fixes: A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference...
CVE-2025-5187
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
CVE-2025-5187
CVE-2025-5187 is a Kubernetes NodeRestriction vulnerability: node users can delete their own node object by patching an OwnerReference to a cluster-scoped resource, leading to potential node deletion if the OwnerReference resource is missing or GC removes it. The IBM bulletin notes this CVE (alon...
CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
CVE-2025-5187 Nodes can delete themselves by adding an OwnerReference
A vulnerability exists in the NodeRestriction admission controller in Kubernetes clusters where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently delete...
pacemaker bug fix update
An update is available for pacemaker. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...
[SECURITY] [DSA 5529-1] slurm-wlm security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5529-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 17, 2023 https://www.debian.org/security/faq -...
pacemaker bug fix and enhancement update
An update is available for pacemaker. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...
ALSA-2022:6580 Moderate: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...
pacemaker bug fix and enhancement update
An update is available for pacemaker. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...
booth security update
An update is available for booth. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Booth cluster ticket manager is a component to bridge high availability...
pacemaker enhancement update
An update is available for pacemaker. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...
Pacemaker 授权问题漏洞
Pacemaker is a scalable, high-availability cluster resource manager. An authorization issue vulnerability exists in pcs in the Pacemaker management tool that stems from the pcs daemon allowing accounts with expired accounts and passwords to log in when using PAM authentication...
ALBA-2021:3578 pacemaker bug fix and enhancement update
The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Bug Fixes and Enhancements: pacemaker seems to end up in an unfence loop BZ1972273 On a three-node cluster if two nodes are...
pacemaker bug fix and enhancement update
The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Bug Fixes and Enhancements: pacemaker seems to end up in an unfence loop BZ1972273 On a three-node cluster if two nodes are...
pacemaker bug fix and enhancement update
An update is available for pacemaker. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Pacemaker cluster resource manager is a collection of technologies...
pacemaker bug fix and enhancement update
The Pacemaker cluster resource manager is a collection of technologies working together to maintain data integrity and application availability in the event of failures. Bug Fixes and Enhancements: pacemaker never promotes a bundle until another transition unblocks it BZ1935240 pacemaker generate...
Debian: Security Advisory (DLA-2519-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2519-1] pacemaker security update
Debian LTS Advisory DLA-2519-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 06, 2021 https://wiki.debian.org/LTS Package : pacemaker Version : 1.1.24-0+deb9u1 CVE ID : CVE-2018-16877 CVE-2018-16878 CVE-2020-25654 Several security vulnerabilities were...