
682 matches found

Veracode
added 2026/01/16 9:18 a.m. | 3 views

Improper Authorization Enforcement

github.com/rancher/rancher is vulnerable to improper authorization enforcement. The vulnerability is due to improper revocation of permissions after removing a custom GlobalRole or its binding, which allows an attacker to retain unauthorized administrative access to clusters when the role contain...

CVSS 4.3 | AI score 5.9 | EPSS 0.0001
Exploits: 0 | References: 4 | Affected Software: 1

RedHat Linux
added 2026/01/15 5:23 p.m. | 7 views

Important: Red Hat Security Advisory: multicluster engine for Kubernetes v2.8.4 security update

The multicluster engine for Kubernetes 2.8 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. The multicluster engine for Kubernetes v2.8 images The multicluster engine for Kubernetes provides the foundational components that are...

CVSS 9.1 | AI score 7.2 | EPSS 0.94395
Exploits: 21 | References: 10

Tenable Nessus
added 2026/01/15 12:0 a.m. | 1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003233)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003233 advisory. It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster...

CVSS 7.5 | AI score 6.7 | EPSS 0.01038
Exploits: 0 | References: 15

RedHat Linux
added 2026/01/13 9:28 p.m. | 5 views

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.8.2 release.

Red Hat Developer Hub 1.8.2 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVSS 7.5 | AI score 6.5 | EPSS 0.0004
Exploits: 3 | References: 10

RedHat Linux
added 2026/01/13 4:52 p.m. | 4 views

Important: Red Hat Security Advisory: VolSync v0.14 security fixes and container updates

VolSync v0.14 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVSS 7.5 | AI score 6.7 | EPSS 0.00018
Exploits: 1 | References: 3

RedhatCVE
added 2026/01/09 10:47 a.m. | 4 views

CVE-2022-31677

An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor before v0.19.0. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their access token to continue their session beyond what proper use of their refresh token might allow...

CVSS 5.4 | AI score 6.7 | EPSS 0.00229
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 8:39 a.m. | 6 views

CVE-2022-35930

PolicyController is a utility used to enforce supply chain policy in Kubernetes clusters. In versions prior to 0.2.1 PolicyController will report a false positive, resulting in an admission when it should not be admitted when there is at least one attestation with a valid signature and there are ...

CVSS 8.8 | AI score 6.6 | EPSS 0.00215
Exploits: 0 | References: 1

Vulnrichment
added 2026/01/08 12:29 p.m. | 1 views

CVE-2025-62877 Harvest may expose OS default ssh login password via SUSE Virtualization Interactive Installer

Projects using the SUSE Virtualization Harvester environment may expose the OS default ssh login password if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is...

CVSS 9.8 | AI score 6.5 | EPSS 0.0002
Exploits: 0 | References: 2

OSV
added 2025/12/24 1:16 p.m. | 0 views

UBUNTU-CVE-2022-50746

In the Linux kernel, the following vulnerability has been resolved: erofs: validate the extent length for uncompressed pclusters syzkaller reported a KASAN use-after-free: https://syzkaller.appspot.com/bug?extid=2ae90e873e97f1faf6f2 The referenced fuzzed image actually has two issues: - mpa == 0 ...

AI score 5.7 | EPSS 0.00028
Exploits: 0 | References: 5

Packet Storm News
added 2025/12/16 12:0 a.m. | 13 views

APT-ClaritySet: A Large-Scale, High-Fidelity Labeled Dataset for APT Malware with Alias Normalization and Graph-Based Deduplication

Large-scale, standardized datasets for Advanced Persistent Threat APT research are scarce, and inconsistent actor aliases and redundant samples hinder reproducibility. This paper presents APT-ClaritySet and its construction pipeline that normalizes threat actor aliases reconciling approximately...

AI score 6.8
Exploits: 0

RedHat Linux
added 2025/12/01 9:19 a.m. | 2 views

Important: Red Hat Security Advisory: Red Hat Developer Hub 1.7.3 release.

Red Hat Developer Hub 1.7.3 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...

CVSS 6.5 | AI score 7 | EPSS 0.00042
Exploits: 0 | References: 7

RedHat Linux
added 2025/11/27 12:20 p.m. | 2 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.12.83 bug fix and security update

Red Hat OpenShift Container Platform release 4.12.83 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

CVSS 8.1 | AI score 6.7 | EPSS 0.00178
Exploits: 0 | References: 3

RedHat Linux
added 2025/11/12 12:41 p.m. | 1 views

kernel: mm: swap: fix potential buffer overflow in setup_clusters()

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setupclusters In setupswapmap, we only ensure badpages are in range 0, lastpage. As maxpages might be = maxpages. Only call incclusterinfopage for badpage which is maxpages to fix the...

CVSS 7.8 | AI score 5.9 | EPSS 0.00025
Exploits: 0 | References: 5

RedHat Linux
added 2025/10/30 6:39 p.m. | 5 views

Moderate: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.9.1

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.9.1 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.9.1 release that simplify the process of...

CVSS 7 | AI score 6.7 | EPSS 0.00073
Exploits: 0 | References: 3

NVD
added 2025/10/29 3:15 p.m. | 3 views

CVE-2023-32199

A vulnerability has been identified within Rancher Manager, where after removing a custom GlobalRole that gives administrative access or the corresponding binding, the user still retains access to clusters. This only affects custom Global Roles that have a on in rule for resources or have a on ru...

CVSS 4.3 | EPSS 0.0001
Exploits: 0 | References: 2

RedHat Linux
added 2025/10/27 7:3 p.m. | 3 views

kernel: mm: swap: fix potential buffer overflow in setup_clusters()

In the Linux kernel, the following vulnerability has been resolved: mm: swap: fix potential buffer overflow in setupclusters In setupswapmap, we only ensure badpages are in range 0, lastpage. As maxpages might be = maxpages. Only call incclusterinfopage for badpage which is maxpages to fix the...

CVSS 7.8 | AI score 5.9 | EPSS 0.00025
Exploits: 0 | References: 5

Wiz blog
added 2025/10/24 9:14 p.m. | 2 views

Bringing Visibility to Kubernetes: Unified Inventory and Network Insight

Bridge the gap between Platform and Security teams with unified inventory and network visibility across Kubernetes clusters...

AI score 6.9
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2021-24223

Malware in sbrugna...

CVSS 5.4 | AI score 5.4 | EPSS 0.00255
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2020-12570

Malware in sbrugna...

CVSS 9 | AI score 8.6 | EPSS 0.00528
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2003-1179

Malware in sbrugna...

CVSS 5 | AI score 6.4 | EPSS 0.00911
Exploits: 0 | References: 6