22 matches found
LXD: Importing a crafted backup leads to project restriction bypass
Summary LXD instance backup import validates project restrictions against backup/index.yaml embedded in the tar archive, but creates the actual instance from backup/container/backup.yaml extracted to the storage volume. Because these are separate, independently attacker-controlled files within th...
DEBIAN-CVE-2026-34178
In Canonical LXD before 6.8, the backup import path validates project restrictions against backup/index.yaml in the supplied tar archive but creates the instance from backup/container/backup.yaml, a separate file in the same archive that is never checked against project restrictions. An...
Security Bulletin: Multiple vulnerabilities in IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for OpenShift can be affected by vulnerabilities in Python, OpenSSH, Golang Go, Redis, urllib3, dnspython and gunicorn. Vulnerabilities include denial of service, cross-site scripting, gain elevated privileges on the system, allow a...
Security Bulletin: Vulnerabilities in Pypa Setuptools, Golang Go, OpenSSH, Minio and Certifi may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift can be affected by vulnerabilities in Pypa Setuptools, Golang Go, OpenSSH, Minio and Certifi. Vulnerabilities include denial of service, bypass security restrictions, HTTP request smuggling, spyware,...
Virtuozzo Hybrid Server 7.5 Update 5 (7.5.5-249)
Virtuozzo Hybrid Server 7.5 Update 5 introduces new features and provides stability and usability bug fixes. Additionally, it provides a new kernel 3.10.0-1160.90.1.vz7.200.7. Vulnerability id: PSBM-148279 Live migration of Windows 2008 Server R2 virtual machines between Virtuozzo Hybrid Server 7...
Security Bulletin: Vulnerability in OAuthlib affects IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift (CVE-2022-36087)
Summary Denial of service vulnerability in OAuthlib may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift. Vulnerability Details CVEID: CVE-2022-36087 DESCRIPTION: OAuthlib is vulnerable to a denial of service, caused by improper input validation. By sendin...
Security Bulletin: Vulnerabilities in Redis affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift (CVE-2022-24736, CVE-2022-24735)
Summary Vulnerabilities in Redis, such as denial of service and execution of arbitrary code on the system, may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift. Vulnerability Details CVEID: CVE-2022-24736 DESCRIPTION: Redis is vulnerable to a denial of...
Security Bulletin: Vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-29804, CVE-2022-30580, CVE-2022-30629, CVE-2022-30634, CVE-2022-35919, CVE-2022-31028)
Summary Multiple vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift. Vulnerabilities include bypassing of security restrictions, execution of arbitrary code, obtaining sensitive information, denial of...
Security Bulletin: Vulnerability in Golang Go affects IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-29526)
Summary Golang Go is vulnerable to allowing a remote attacker to obtain sensitive information which may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift. Vulnerability Details CVEID: CVE-2022-29526 DESCRIPTION: Golang Go could allow a remote attack...
IBM Spectrum Protect Plus Container Backup and Restore Privilege Escalation Vulnerability
IBM Spectrum Protect Plus is a suite of data protection platforms from IBM Corporation in the United States. The platform provides enterprises with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum...
CVE-2022-22472
IBM Spectrum Protect Plus Container Backup and Restore 10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session...
Design/Logic Flaw
IBM Spectrum Protect Plus Container Backup and Restore 10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session...
CVE-2022-22472
IBM Spectrum Protect Plus Container Backup and Restore 10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session...
IBM Spectrum Protect Plus Security Vulnerability
IBM Spectrum Protect Plus is a suite of data protection platforms from IBM Corporation in the United States. The platform provides enterprises with a single point of control and management, and supports backup and recovery for virtual, physical and cloud environments of all sizes. IBM Spectrum...
Security Bulletin: IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift vulnerable to login security bypass (CVE-2022-22472)
Summary IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift is vulnerable to login security being bypassed which can result in gaining unauthorized access to the IBM Spectrum Protect Plus Server. Vulnerability Details CVEID: CVE-2022-22472 DESCRIPTION: IBM...
Security Bulletin: Vulnerabilities in Golang Go and MinIO may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift (CVE-2022-24842, CVE-2021-38561, CVE-2021-43565, CVE-2022-28327, CVE-2022-24675, CVE-2022-27536)
Summary Vulnerabilities in Golang Go and MinIO such as denial of service and elevated privileges may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and Red Hat OpenShift. Vulnerability Details CVEID: CVE-2022-24842 DESCRIPTION: MinIO could allow a remote authenticate...
Vulnerabilities fixed in IBM Spectrum Protect
IBM has fixed vulnerabilities in IBM Spectrum Protect and IBM Spectrum Protect Plus. The vulnerabilities allow a malicious actor to launch attacks that result in the following categories of damage: Cross-Site Request Forgery (XSRF). Denial-of-Service (DoS). Manipulation of data. Bypassing authenticatio...
Security Bulletin: Vulnerabilities in Golang Go, MinIO, and Python may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and OpenShift
Summary Vulnerabilities in Golang Go, MinIO, and Python such as denial of service, elevated privileges, and bypass of security restrictions, may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift. Vulnerability Details CVEID: CVE-2021-3737 DESCRIPTION: Python...
Security Bulletin: Vulnerability in Apache Log4j may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and OpenShift (CVE-2021-44832)
Summary A vulnerability in Apache Log4j could result in remote code execution. This vulnerability may affect IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift due to its use of the Strimzi operator. The below fix package includes Apache Log4j 2.17.1. Vulnerabilit...
Security Bulletin: Vulnerabilities in Redis, OpenSSH, Golang Go, and Apache Kafka may affect IBM Spectrum Protect Plus Container Backup and Restore for Kubernetes and OpenShift
Summary IBM Spectrum Protect Plus Container backup and restore for Kubernetes and OpenShift may be affected by vulnerabilities in Redis, OpenSSH, Golang Go, and Apache Kafka such as bypass of security restrictions, denial of service, execution of arbitrary code, elevation of privileges, buffer...